{"id":4315,"name":"@fastify/static","ecosystem":"npm","repository_url":"https://github.com/fastify/fastify-static","issues_count":392,"created_at":"2025-06-06T16:30:25.668Z","updated_at":"2025-06-06T16:30:25.668Z","purl":"pkg:npm/@fastify/static","metadata":{"id":4375501,"name":"@fastify/static","ecosystem":"npm","description":"Plugin for serving static files as fast as possible.","homepage":"https://github.com/fastify/fastify-static","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/fastify/fastify-static","keywords_array":["fastify","static"],"namespace":"fastify","versions_count":38,"first_release_published_at":"2022-04-27T15:33:51.282Z","latest_release_published_at":"2025-05-21T07:47:48.927Z","latest_release_number":"8.2.0","last_synced_at":"2025-06-06T02:03:05.722Z","created_at":"2022-05-24T13:29:20.028Z","updated_at":"2025-06-06T02:03:05.724Z","registry_url":"https://www.npmjs.com/package/@fastify/static","install_command":"npm install @fastify/static","documentation_url":null,"metadata":{"funding":[{"type":"github","url":"https://github.com/sponsors/fastify"},{"type":"opencollective","url":"https://opencollective.com/fastify"}],"dist-tags":{"next":"8.0.0","latest":"8.2.0"}},"repo_metadata":{"id":24148894,"uuid":"100581886","full_name":"fastify/fastify-static","owner":"fastify","description":"Plugin for serving static files as fast as possible","archived":false,"fork":false,"pushed_at":"2024-05-13T12:56:40.000Z","size":598,"stargazers_count":411,"open_issues_count":8,"forks_count":90,"subscribers_count":19,"default_branch":"master","last_synced_at":"2024-05-22T02:42:30.065Z","etag":null,"topics":["fastify","fastify-plugin","file-server","static"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fastify.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"fastify","open_collective":"fastify"}},"created_at":"2017-08-17T08:43:43.000Z","updated_at":"2024-05-31T23:48:46.625Z","dependencies_parsed_at":"2024-03-04T13:56:49.002Z","dependency_job_id":"c0bf5cc7-5c2c-4acf-83e6-7e0d301cd9dc","html_url":"https://github.com/fastify/fastify-static","commit_stats":{"total_commits":379,"total_committers":75,"mean_commits":5.053333333333334,"dds":0.7862796833773087,"last_synced_commit":"84881c1c9e1d43ea2c41c8ab38e51b6b0788ddf3"},"previous_names":[],"tags_count":82,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fastify","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":214941138,"owners_count":15806302,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"fastify","name":"Fastify","uuid":"24939410","kind":"organization","description":"Fast and low overhead web framework, for Node.js","email":null,"website":"https://fastify.dev","location":null,"twitter":"fastifyjs","company":null,"icon_url":"https://avatars.githubusercontent.com/u/24939410?v=4","repositories_count":134,"last_synced_at":"2024-05-20T14:39:25.072Z","metadata":{"has_sponsors_listing":true,"funding":{"github":"fastify","open_collective":"fastify"}},"html_url":"https://github.com/fastify","funding_links":["https://github.com/sponsors/fastify","https://opencollective.com/fastify"],"total_stars":52665,"followers":735,"following":0,"created_at":"2022-11-02T16:30:46.974Z","updated_at":"2024-05-20T14:39:53.540Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fastify","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fastify/repositories"},"tags":[{"name":"v7.0.4","sha":"27b42dba219783bd92f24b96efc82d8f1dfef287","kind":"commit","published_at":"2024-05-07T14:58:29.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v7.0.4","html_url":"https://github.com/fastify/fastify-static/releases/tag/v7.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.4/manifests"},{"name":"v7.0.3","sha":"de16de945bad696a3fecea861da256d226cedf48","kind":"tag","published_at":"2024-04-04T02:18:44.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v7.0.3","html_url":"https://github.com/fastify/fastify-static/releases/tag/v7.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.3/manifests"},{"name":"v7.0.2","sha":"75bbed50fd396d0245ab755cfe2a362be29c940e","kind":"commit","published_at":"2024-03-29T12:48:50.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v7.0.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v7.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.2/manifests"},{"name":"v7.0.1","sha":"515f1324fc3bbf7ed33339316c99ebb0e2a35217","kind":"commit","published_at":"2024-02-07T18:56:51.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v7.0.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.1/manifests"},{"name":"v7.0.0","sha":"f1a248b152f2193c556698a749159a1173124462","kind":"commit","published_at":"2024-02-01T16:10:24.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v7.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v7.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v7.0.0/manifests"},{"name":"v6.12.0","sha":"37056ce4a277004bb118a4ef0b92bdbaf4bf4d20","kind":"commit","published_at":"2023-10-29T14:33:30.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.12.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.12.0/manifests"},{"name":"v6.11.2","sha":"d40ce2d33481da7abcd261b1e8699ef31a9e2854","kind":"commit","published_at":"2023-09-17T08:31:38.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.11.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.11.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.11.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.11.2/manifests"},{"name":"v6.11.1","sha":"2471a4c2413f7958b0045073e70d81b1bd85b57d","kind":"commit","published_at":"2023-09-14T05:56:19.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.11.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.11.1/manifests"},{"name":"v6.11.0","sha":"bbbc619d966dba3e742af097d9b625aad34e96bf","kind":"commit","published_at":"2023-09-01T20:01:17.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.11.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.11.0/manifests"},{"name":"v6.10.2","sha":"4e2a83a205b4930dad34e4d0c2f1e633c03f7a3d","kind":"commit","published_at":"2023-05-25T16:35:29.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.10.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.10.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.10.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.10.2/manifests"},{"name":"v6.10.1","sha":"5bcc31478a7c6ff710e526f8aa5851a807cb756b","kind":"commit","published_at":"2023-04-13T17:15:55.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.10.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.10.1/manifests"},{"name":"v6.10.0","sha":"38aab03137b688f580dec52cc4621b7995614c55","kind":"commit","published_at":"2023-04-02T09:46:58.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.10.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.10.0/manifests"},{"name":"v6.9.0","sha":"2fc5836ce26855b9d428f2b9149a9b61e6efda18","kind":"commit","published_at":"2023-02-10T15:25:39.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.9.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.9.0/manifests"},{"name":"v6.8.0","sha":"c26d54c673941e77f5360fe37146e2e75f732b33","kind":"commit","published_at":"2023-01-30T13:52:35.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.8.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.8.0/manifests"},{"name":"v6.7.0","sha":"c95eaf7bf20489007c7d85f5516c421b2d6b4334","kind":"commit","published_at":"2023-01-26T10:00:33.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.7.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.7.0/manifests"},{"name":"v6.6.1","sha":"8dab6ec5c4525cbe132ec1b7863d884392288406","kind":"commit","published_at":"2023-01-11T10:48:57.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.6.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.6.1/manifests"},{"name":"v6.6.0","sha":"1f857664d77572d104ea21a0f0a1ce3b523d0949","kind":"commit","published_at":"2022-12-04T23:30:35.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.6.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.6.0/manifests"},{"name":"v6.5.1","sha":"95efb4ba88b96eb620294fddcf3368d2c048122c","kind":"commit","published_at":"2022-11-22T07:20:26.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.5.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.5.1/manifests"},{"name":"v6.5.0","sha":"b5df71cea958e9aec1e761c938fe0f3292bf6241","kind":"commit","published_at":"2022-07-30T11:24:25.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.5.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.5.0/manifests"},{"name":"v6.4.1","sha":"98740b8f42fbede0fadc438afe52e9614ea206d5","kind":"commit","published_at":"2022-07-23T12:10:06.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.4.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.4.1/manifests"},{"name":"v6.4.0","sha":"aeb37cf4c7376d749364c1d04321f8340a46bcb6","kind":"commit","published_at":"2022-05-23T15:31:19.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.4.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.4.0/manifests"},{"name":"v6.3.0","sha":"c293d8c4b917e00ec0d9e988ad3d9cb4cf7c7dff","kind":"commit","published_at":"2022-05-18T23:43:12.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.3.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.3.0/manifests"},{"name":"v6.2.0","sha":"4cafcb21e247a6557182426f2d3287a0814e3312","kind":"commit","published_at":"2022-05-18T10:16:14.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.2.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.2.0/manifests"},{"name":"v6.1.0","sha":"39c1a1b70612e8c5cd76aa8d25ee3b4ffe924fb2","kind":"commit","published_at":"2022-05-15T12:52:24.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.1.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.1.0/manifests"},{"name":"v6.0.0","sha":"510d56dc5370b8c1fc269b6fbc72c3b94ba9c60c","kind":"commit","published_at":"2022-05-06T11:31:16.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v6.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v6.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v6.0.0/manifests"},{"name":"v5.0.2","sha":"dee5d8014c0831dc4721f3b09062a75d7348eead","kind":"commit","published_at":"2022-05-04T09:01:04.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v5.0.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v5.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v5.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v5.0.2/manifests"},{"name":"v5.0.1","sha":"17de68197de1d69d119e2f89b8642fcbf0521183","kind":"commit","published_at":"2022-05-01T18:06:05.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v5.0.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v5.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v5.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v5.0.1/manifests"},{"name":"v5.0.0","sha":"1c4f9334c543c179215c1a9977ae219b96cc0431","kind":"commit","published_at":"2022-04-27T15:33:26.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v5.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v5.0.0/manifests"},{"name":"v4.6.1","sha":"b4af312230fb92d115371b825a93c3ee56a2f331","kind":"commit","published_at":"2022-03-18T08:47:05.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.6.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.6.1/manifests"},{"name":"v4.6.0","sha":"282eb011fca3aeb69d609c619128f2558c56fb08","kind":"commit","published_at":"2022-03-17T09:31:21.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.6.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.6.0/manifests"},{"name":"v4.5.0","sha":"ac66bf138a46604bb5965d77edf2a549095d35b0","kind":"commit","published_at":"2021-11-03T14:40:09.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.5.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.5.0/manifests"},{"name":"v4.4.2","sha":"ad66ca18230e1a565513eefaa8cad008c13b2b65","kind":"commit","published_at":"2021-10-12T18:41:13.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.4.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.4.2/manifests"},{"name":"v4.4.1","sha":"f324f8b5013a130885c4857aad50afa113f21eae","kind":"commit","published_at":"2021-10-11T12:50:06.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.4.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.4.1/manifests"},{"name":"v4.4.0","sha":"bbdf96f1acfec010cf4f8436b05bfa6b161e1f49","kind":"commit","published_at":"2021-10-07T10:23:44.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.4.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.4.0/manifests"},{"name":"v4.3.0","sha":"33bc265bc95a9cc65fab062f5695e39e2621cfd8","kind":"commit","published_at":"2021-10-06T11:00:29.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.3.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.3.0/manifests"},{"name":"v4.2.4","sha":"d97b2cf6a0353e784ad2674aaecd6508ac74130d","kind":"commit","published_at":"2021-10-05T16:57:17.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.2.4","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.4/manifests"},{"name":"v4.2.3","sha":"526d1549f1af4b3878af5ba94bb8675cb9334992","kind":"commit","published_at":"2021-08-05T08:44:01.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.2.3","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.3/manifests"},{"name":"v4.2.2","sha":"2a1ebd8005a5ce7f29055a5d5d016af0002c3239","kind":"commit","published_at":"2021-05-21T12:48:10.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.2.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.2/manifests"},{"name":"v4.2.1","sha":"d479900bbfe0321d6c7edd2a19e01f7cbccd5372","kind":"commit","published_at":"2021-05-19T07:53:58.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.2.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.1/manifests"},{"name":"v4.2.0","sha":"ef4d1e13e51113448e80c9a644603e570db66a54","kind":"commit","published_at":"2021-05-17T07:53:03.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.2.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.2.0/manifests"},{"name":"v4.1.0","sha":"f6d59f93005471061b0924dc588149145e075df8","kind":"commit","published_at":"2021-05-07T16:31:35.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.1.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.1.0/manifests"},{"name":"v4.0.1","sha":"1930b56a99c48e3d832ecf944517b859c41136ff","kind":"commit","published_at":"2021-02-22T11:54:35.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.0.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.0.1/manifests"},{"name":"v4.0.0","sha":"679facf714c165d070e2053b4e1985c4aef20c7e","kind":"commit","published_at":"2021-02-18T09:55:47.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v4.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v4.0.0/manifests"},{"name":"v3.5.0","sha":"679facf714c165d070e2053b4e1985c4aef20c7e","kind":"commit","published_at":"2021-02-18T09:55:47.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.5.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.5.0/manifests"},{"name":"v3.4.0","sha":"7744420bb96bcc7990764f82cdffaf2ecd9227d7","kind":"commit","published_at":"2021-01-14T11:51:01.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.4.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.4.0/manifests"},{"name":"v3.3.1","sha":"756b95d4bb5b8310c1bbc97b4fa616cd42a6c6dc","kind":"commit","published_at":"2021-01-05T16:35:09.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.3.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.3.1/manifests"},{"name":"v3.3.0","sha":"33d7be990810ab03c309a4a31f71004c17acb465","kind":"commit","published_at":"2020-10-20T08:32:14.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.3.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.3.0/manifests"},{"name":"v3.2.1","sha":"ca9da85233796748329539ead5dc480460e3cd9f","kind":"commit","published_at":"2020-10-04T12:17:29.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.2.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.2.1/manifests"},{"name":"3.2.0","sha":"779ce813b48bf33a044ba300f53bca88c23f2fcd","kind":"commit","published_at":"2020-07-20T08:44:59.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/3.2.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/3.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/3.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/3.2.0/manifests"},{"name":"v3.1.0","sha":"d1f2edfe58b8aaced3f44251496c138fdc491190","kind":"commit","published_at":"2020-07-01T16:44:00.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.1.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.1.0/manifests"},{"name":"v3.0.1","sha":"c29d6c21d21647f5d22d95a962c1f8f38cd7c70e","kind":"commit","published_at":"2020-06-12T22:58:55.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.0.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.0.1/manifests"},{"name":"v3.0.0","sha":"8ef1eb8ef7f684437c1581024b4f9280efe022df","kind":"commit","published_at":"2020-05-04T10:21:26.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v3.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v3.0.0/manifests"},{"name":"v2.7.0","sha":"4c5aaa35c75aabae96f79282904d8b53628552d8","kind":"commit","published_at":"2020-04-20T21:07:26.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.7.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.7.0/manifests"},{"name":"v2.6.0","sha":"e1ad93bed4f84014678ca8f7a5e48022340bf14c","kind":"commit","published_at":"2020-01-26T18:19:29.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.6.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.6.0/manifests"},{"name":"v2.5.1","sha":"07b09b29abf9a64825e0209d5462dbcea5a4d945","kind":"commit","published_at":"2019-11-29T07:51:35.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.5.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.5.1/manifests"},{"name":"v2.5.0","sha":"0e48bf2d219a984b81f328c37352bf0d26fc047a","kind":"commit","published_at":"2019-06-17T10:55:54.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.5.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.5.0/manifests"},{"name":"v2.4.0","sha":"9ed21d886393fa991f4b5fc077889aefa2aed145","kind":"commit","published_at":"2019-03-27T14:45:08.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.4.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.4.0/manifests"},{"name":"v2.3.4","sha":"b5c73bfa1b0ae678877725567be10191ac1f39dd","kind":"commit","published_at":"2019-02-25T08:57:41.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.3.4","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.4/manifests"},{"name":"v2.3.3","sha":"e24f834ec9d89184d47f4bca38b37ecad902f3c3","kind":"commit","published_at":"2019-02-22T07:18:20.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.3.3","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.3/manifests"},{"name":"v2.3.2","sha":"ddea1b4c87b2339bab0e1f9b6f0a60b963563d2a","kind":"commit","published_at":"2019-02-14T16:42:48.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.3.2","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.2/manifests"},{"name":"v2.3.1","sha":"bc29cfcfd2846efd5501fc3f2c47b4792f5ea068","kind":"commit","published_at":"2019-02-12T23:21:40.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.3.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.1/manifests"},{"name":"v2.3.0","sha":"e3b353a39c74158ca18eb0587b9f119cc79fa60c","kind":"commit","published_at":"2019-02-10T18:56:48.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.3.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.3.0/manifests"},{"name":"v2.2.0","sha":"8463deeaccb0102a23df67b4f0c76a44bf0df2d8","kind":"commit","published_at":"2019-02-05T22:07:56.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.2.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.2.0/manifests"},{"name":"v1.1.0","sha":"cd5c3c3dbe7529648a52349781392f954e3b0c63","kind":"commit","published_at":"2019-01-05T16:46:36.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v1.1.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v1.1.0/manifests"},{"name":"v2.1.0","sha":"3bf9b8811980fe66476ad60746133f24adabc249","kind":"commit","published_at":"2019-01-05T16:26:50.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.1.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.1.0/manifests"},{"name":"v2.0.0","sha":"e43a9e7ac394668b82449cd8557bb95b01b221ed","kind":"commit","published_at":"2018-12-05T00:21:13.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v2.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v2.0.0/manifests"},{"name":"v1.0.0","sha":"f2f5113c95580b2e14c6a32e91b76e7097745c54","kind":"commit","published_at":"2018-12-04T09:51:06.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v1.0.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v1.0.0/manifests"},{"name":"v0.14.0","sha":"f3633c67f744623c300548fe5434b5025b5f7e42","kind":"commit","published_at":"2018-08-16T21:01:31.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.14.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.14.0/manifests"},{"name":"v0.13.0","sha":"5423247a51e3524b9c733b676d9c59549a2b4483","kind":"commit","published_at":"2018-08-13T17:54:17.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.13.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.13.0/manifests"},{"name":"v0.12.0","sha":"61cb4d5ab718756116a083255b90e650aaa2757c","kind":"commit","published_at":"2018-05-21T11:50:48.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.12.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.12.0/manifests"},{"name":"v0.11.0","sha":"2b5d18845ab080c11cbaf33063fd01e3fdc2213b","kind":"tag","published_at":"2018-05-09T23:12:04.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.11.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.11.0/manifests"},{"name":"v0.10.0","sha":"602c8cf21b635137cf2c6210c2addc538ad3d9eb","kind":"commit","published_at":"2018-04-10T17:01:58.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.10.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.10.0/manifests"},{"name":"v0.9.0","sha":"0d82378d2c455124e0d35182a00276da6d535b45","kind":"tag","published_at":"2018-03-28T21:57:03.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.9.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.9.0/manifests"},{"name":"v0.8.0","sha":"7a3dcc8bf33ced868470ecbe58833609c9d8fee9","kind":"tag","published_at":"2018-02-03T16:58:42.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.8.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.8.0/manifests"},{"name":"v0.6.0","sha":"9ed2fc4e44a2a9945895dff6c07ff872ec31dc48","kind":"commit","published_at":"2018-01-08T15:14:30.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.6.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.6.0/manifests"},{"name":"v0.5.0","sha":"c1bb5a95bad2cdc2ed19f0b26c1de4a25a17c1e5","kind":"commit","published_at":"2017-12-21T09:36:55.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.5.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.5.0/manifests"},{"name":"v0.4.1","sha":"f020356f8b070cf95f6792e04986c01932bd1a1c","kind":"tag","published_at":"2017-11-18T15:30:48.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.4.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.4.1/manifests"},{"name":"v0.4.0","sha":"233d14bf12105917926ebba55b9a4d73004c751e","kind":"tag","published_at":"2017-11-18T15:23:22.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.4.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.4.0/manifests"},{"name":"v0.3.0","sha":"988a6a3dd343babd37214e671319e72680a28301","kind":"tag","published_at":"2017-10-18T20:28:02.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.3.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.3.0/manifests"},{"name":"v0.2.1","sha":"e17fc546d1cfdfeef819065b7c40a9704589022b","kind":"tag","published_at":"2017-10-02T20:22:58.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.2.1","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.2.1/manifests"},{"name":"v0.2.0","sha":"8ac945708ab264efeb687c4619aaa1c3ca4d1915","kind":"tag","published_at":"2017-09-28T19:14:15.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.2.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.2.0/manifests"},{"name":"v0.1.0","sha":"bad40ad3e413d4500674d2f0864ee50079af89b6","kind":"commit","published_at":"2017-09-06T18:52:32.000Z","download_url":"https://codeload.github.com/fastify/fastify-static/tar.gz/v0.1.0","html_url":"https://github.com/fastify/fastify-static/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fastify%2Ffastify-static/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2024-09-07T19:44:55.130Z","dependent_packages_count":280,"downloads":4706292,"downloads_period":"last-month","dependent_repos_count":2807,"rankings":{"downloads":0.21131438929969013,"dependent_repos_count":0.4313238139673138,"dependent_packages_count":0.23399550632063768,"stargazers_count":3.3678185271413876,"forks_count":3.2788068138696795,"docker_downloads_count":0.15103330177942756,"average":1.279048725396356},"purl":"pkg:npm/%40fastify/static","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/@fastify/static","docker_dependents_count":212,"docker_downloads_count":161092822,"usage_url":"https://repos.ecosyste.ms/usage/npm/@fastify/static","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/@fastify/static/dependencies","status":null,"funding_links":["https://github.com/sponsors/fastify","https://opencollective.com/fastify"],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@fastify%2Fstatic/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@fastify%2Fstatic/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@fastify%2Fstatic/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@fastify%2Fstatic/related_packages","maintainers":[{"uuid":"simenb","login":"simenb","name":null,"email":"sbekkhus91@gmail.com","url":null,"packages_count":262,"html_url":"https://www.npmjs.com/~simenb","role":null,"created_at":"2022-11-15T17:45:07.847Z","updated_at":"2022-11-15T17:45:07.847Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/simenb/packages"},{"uuid":"matteo.collina","login":"matteo.collina","name":null,"email":"hello@matteocollina.com","url":null,"packages_count":604,"html_url":"https://www.npmjs.com/~matteo.collina","role":null,"created_at":"2022-11-15T17:45:08.554Z","updated_at":"2022-11-15T17:45:08.554Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/matteo.collina/packages"},{"uuid":"airhorns","login":"airhorns","name":null,"email":"harry@harry.me","url":null,"packages_count":202,"html_url":"https://www.npmjs.com/~airhorns","role":null,"created_at":"2022-11-15T17:45:10.868Z","updated_at":"2022-11-15T17:45:10.868Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/airhorns/packages"},{"uuid":"galvez","login":"galvez","name":null,"email":"jonasgalvez@gmail.com","url":null,"packages_count":198,"html_url":"https://www.npmjs.com/~galvez","role":null,"created_at":"2022-11-15T17:45:07.689Z","updated_at":"2022-11-15T17:45:07.689Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/galvez/packages"},{"uuid":"delvedor","login":"delvedor","name":null,"email":"tommydelved@gmail.com","url":null,"packages_count":306,"html_url":"https://www.npmjs.com/~delvedor","role":null,"created_at":"2022-11-15T17:45:08.485Z","updated_at":"2022-11-15T17:45:08.485Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/delvedor/packages"},{"uuid":"kibertoad","login":"kibertoad","name":null,"email":"iselwin@gmail.com","url":null,"packages_count":269,"html_url":"https://www.npmjs.com/~kibertoad","role":null,"created_at":"2022-11-15T17:45:11.097Z","updated_at":"2022-11-15T17:45:11.097Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/kibertoad/packages"},{"uuid":"jsumners","login":"jsumners","name":null,"email":"james.sumners@gmail.com","url":null,"packages_count":261,"html_url":"https://www.npmjs.com/~jsumners","role":null,"created_at":"2022-11-15T17:45:08.808Z","updated_at":"2022-11-15T17:45:08.808Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/jsumners/packages"},{"uuid":"starptech","login":"starptech","name":null,"email":"deusdustin@gmail.com","url":null,"packages_count":249,"html_url":"https://www.npmjs.com/~starptech","role":null,"created_at":"2022-11-15T17:45:08.414Z","updated_at":"2022-11-15T17:45:08.414Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/starptech/packages"},{"uuid":"coopflow","login":"coopflow","name":null,"email":"community@coopflow.com","url":null,"packages_count":141,"html_url":"https://www.npmjs.com/~coopflow","role":null,"created_at":"2022-11-15T17:45:08.133Z","updated_at":"2022-11-15T17:45:08.133Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/coopflow/packages"},{"uuid":"simoneb","login":"simoneb","name":null,"email":"simone.busoli@gmail.com","url":null,"packages_count":303,"html_url":"https://www.npmjs.com/~simoneb","role":null,"created_at":"2022-11-15T17:45:08.235Z","updated_at":"2022-11-15T17:45:08.235Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/simoneb/packages"},{"uuid":"rafaelgss","login":"rafaelgss","name":null,"email":"rafael.nunu@hotmail.com","url":null,"packages_count":183,"html_url":"https://www.npmjs.com/~rafaelgss","role":null,"created_at":"2022-11-15T17:45:08.353Z","updated_at":"2022-11-15T17:45:08.353Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/rafaelgss/packages"},{"uuid":"allevo","login":"allevo","name":null,"email":"tomallevi@gmail.com","url":null,"packages_count":205,"html_url":"https://www.npmjs.com/~allevo","role":null,"created_at":"2022-11-15T17:45:08.710Z","updated_at":"2022-11-15T17:45:08.710Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/allevo/packages"},{"uuid":"zekth","login":"zekth","name":null,"email":"vince.legoff@gmail.com","url":null,"packages_count":153,"html_url":"https://www.npmjs.com/~zekth","role":null,"created_at":"2022-11-15T17:45:08.929Z","updated_at":"2022-11-15T17:45:08.929Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/zekth/packages"},{"uuid":"eomm","login":"eomm","name":null,"email":"behemoth89@gmail.com","url":null,"packages_count":195,"html_url":"https://www.npmjs.com/~eomm","role":null,"created_at":"2022-11-15T17:45:09.969Z","updated_at":"2022-11-15T17:45:09.969Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/eomm/packages"},{"uuid":"fox1t","login":"fox1t","name":null,"email":"maksim@sinik.it","url":null,"packages_count":167,"html_url":"https://www.npmjs.com/~fox1t","role":null,"created_at":"2022-11-15T17:45:10.628Z","updated_at":"2022-11-15T17:45:10.628Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/fox1t/packages"},{"uuid":"climba03003","login":"climba03003","name":null,"email":"kaka@kakawebsitedemo.com","url":null,"packages_count":192,"html_url":"https://www.npmjs.com/~climba03003","role":null,"created_at":"2022-11-15T17:45:11.786Z","updated_at":"2022-11-15T17:45:11.786Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/climba03003/packages"},{"uuid":"fdawgs","login":"fdawgs","name":null,"email":"frazer.dev@icloud.com","url":null,"packages_count":83,"html_url":"https://www.npmjs.com/~fdawgs","role":null,"created_at":"2022-11-15T17:45:13.691Z","updated_at":"2022-11-15T17:45:13.691Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/fdawgs/packages"},{"uuid":"metcoder95","login":"metcoder95","name":null,"email":"me@metcoder.dev","url":null,"packages_count":163,"html_url":"https://www.npmjs.com/~metcoder95","role":null,"created_at":"2023-04-13T02:16:31.015Z","updated_at":"2023-04-13T02:16:31.015Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/metcoder95/packages"},{"uuid":"is2ei","login":"is2ei","name":null,"email":"is2ei.horie@gmail.com","url":null,"packages_count":17,"html_url":"https://www.npmjs.com/~is2ei","role":null,"created_at":"2022-11-15T17:45:12.712Z","updated_at":"2022-11-15T17:45:12.712Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/is2ei/packages"},{"uuid":"gurgunday","login":"gurgunday","name":null,"email":"gurgun.dayioglu@icloud.com","url":null,"packages_count":161,"html_url":"https://www.npmjs.com/~gurgunday","role":null,"created_at":"2023-09-06T08:53:02.194Z","updated_at":"2023-09-06T08:53:02.194Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/gurgunday/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5006545,"maintainers_count":1012936,"namespaces_count":295512,"keywords_count":700181,"github":"npm","metadata":{"funded_packages_count":150239},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-06T05:58:05.971Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":176,"unique_repositories_count_past_30_days":11,"recent_issues":[{"uuid":"4666489095","node_id":"PR_kwDORLmYbs7mm42w","number":308,"state":"open","title":"chore(deps): bump the minor-and-patch group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T15:27:40.000Z","updated_at":"2026-06-15T15:29:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":11,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@asyncapi/cli","old_version":"6.0.0","new_version":"6.0.2","repository_url":"https://github.com/asyncapi/cli"},{"name":"@playwright/test","old_version":"1.59.1","new_version":"1.61.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@types/node","old_version":"25.6.0","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@types/vscode","old_version":"1.116.0","new_version":"1.120.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"eslint","old_version":"10.2.0","new_version":"10.5.0","repository_url":"https://github.com/eslint/eslint"},{"name":"knip","old_version":"6.4.1","new_version":"6.16.1","repository_url":"https://github.com/webpro-nl/knip"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"typescript-eslint","old_version":"8.58.2","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [@asyncapi/cli](https://github.com/asyncapi/cli) | `6.0.0` | `6.0.2` |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.61.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.3` |\n| [@types/vscode](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/vscode) | `1.116.0` | `1.120.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.28.0` | `0.28.1` |\n| [eslint](https://github.com/eslint/eslint) | `10.2.0` | `10.5.0` |\n| [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) | `6.4.1` | `6.16.1` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.58.2` | `8.61.0` |\n\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@asyncapi/cli` from 6.0.0 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/asyncapi/cli/releases\"\u003e@​asyncapi/cli's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec3a77ba: fix: skip request body validation gracefully instead of throwing error for unsupported paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ee6e6c95: Fix GitHub URL parsing for branches with slashes and file extension detection for multi-dot filenames\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/asyncapi/cli/blob/master/CHANGELOG.md\"\u003e@​asyncapi/cli's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec3a77ba: fix: skip request body validation gracefully instead of throwing error for unsupported paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ee6e6c95: Fix GitHub URL parsing for branches with slashes and file extension detection for multi-dot filenames\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/fb73ff3a429c1bc6a14c1b89f12601288677b9fa\"\u003e\u003ccode\u003efb73ff3\u003c/code\u003e\u003c/a\u003e chore(release): release and bump versions of packages (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2234\"\u003e#2234\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/c3a77ba3dbc5ebaa5732a3e50da1ce7f9aed9bcd\"\u003e\u003ccode\u003ec3a77ba\u003c/code\u003e\u003c/a\u003e fix: request body validation is skipped for some paths or HTTP methods (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2205\"\u003e#2205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/6cc220f1be6e883d4a1995570d0cb43f7fc60a4f\"\u003e\u003ccode\u003e6cc220f\u003c/code\u003e\u003c/a\u003e chore(release): release and bump versions of packages (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2233\"\u003e#2233\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/204343d08e0a3429bf4dc71c27eaa3f83c4bb36e\"\u003e\u003ccode\u003e204343d\u003c/code\u003e\u003c/a\u003e chore(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.6.0 to 1.9.1 in /.github/workflows/scr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/14a66dbf247e703c1864a7a24630a83c98d5afa5\"\u003e\u003ccode\u003e14a66db\u003c/code\u003e\u003c/a\u003e chore(deps): bump path-to-regexp from 8.3.0 to 8.4.2 (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2100\"\u003e#2100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/e6e6c95292b677f310daaa8eb903953b6508cbbd\"\u003e\u003ccode\u003ee6e6c95\u003c/code\u003e\u003c/a\u003e fix: cli fails when with slash-based branches  (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2216\"\u003e#2216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/52361266e7a31ce292dc036b1487d442f5fbf4c8\"\u003e\u003ccode\u003e5236126\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2232\"\u003e#2232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/68ecaca24ea80c044c1e49083ecd76e609f089ce\"\u003e\u003ccode\u003e68ecaca\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/ca8a24e22cb8c6f508d2ad705f422094bb754af5\"\u003e\u003ccode\u003eca8a24e\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2230\"\u003e#2230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/1142aa58f3af9582c45edbbb7faf2e7fdbb7e2b0\"\u003e\u003ccode\u003e1142aa5\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2220\"\u003e#2220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/asyncapi/cli/compare/v6.0.0...v6.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@playwright/test` from 1.59.1 to 1.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.61.0\u003c/h2\u003e\n\u003ch2\u003e🔑 WebAuthn passkeys\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-credentials\"\u003eCredentials\u003c/a\u003e virtual authenticator, available via \u003ca href=\"https://playwright.dev/docs/api/class-browsercontext#browser-context-credentials\"\u003ebrowserContext.credentials\u003c/a\u003e, lets tests register passkeys and answer \u003ccode\u003enavigator.credentials.create()\u003c/code\u003e / \u003ccode\u003enavigator.credentials.get()\u003c/code\u003e ceremonies in the page — no real hardware key required, works in all browsers:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003econst context = await browser.newContext();\r\n\u003cp\u003e// Seed a passkey your backend provisioned for a test user.\u003cbr /\u003e\nawait context.credentials.create('example.com', {\u003cbr /\u003e\nid: credentialId,\u003cbr /\u003e\nuserHandle,\u003cbr /\u003e\nprivateKey,\u003cbr /\u003e\npublicKey,\u003cbr /\u003e\n});\u003cbr /\u003e\nawait context.credentials.install();\u003c/p\u003e\n\u003cp\u003econst page = await context.newPage();\u003cbr /\u003e\nawait page.goto('\u003ca href=\"https://example.com/login\"\u003ehttps://example.com/login\u003c/a\u003e');\u003cbr /\u003e\n// The page's navigator.credentials.get() is answered with the seeded passkey.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eYou can also let the app register a passkey once in a setup test, read it back with \u003ca href=\"https://playwright.dev/docs/api/class-credentials#credentials-get\"\u003ecredentials.get()\u003c/a\u003e, and seed it into later tests — see \u003ca href=\"https://playwright.dev/docs/api/class-credentials\"\u003eCredentials\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e🗃️ Web Storage\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-webstorage\"\u003eWebStorage\u003c/a\u003e API, available via \u003ca href=\"https://playwright.dev/docs/api/class-page#page-local-storage\"\u003epage.localStorage\u003c/a\u003e and \u003ca href=\"https://playwright.dev/docs/api/class-page#page-session-storage\"\u003epage.sessionStorage\u003c/a\u003e, reads and writes the page's storage for the current origin:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.localStorage.setItem('token', 'abc');\r\nconst token = await page.localStorage.getItem('token');\r\nconst items = await page.sessionStorage.items();\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eNetwork\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-apiresponse#api-response-security-details\"\u003eapiResponse.securityDetails()\u003c/a\u003e and \u003ca href=\"https://playwright.dev/docs/api/class-apiresponse#api-response-server-addr\"\u003eapiResponse.serverAddr()\u003c/a\u003e mirror the browser-side \u003ca href=\"https://playwright.dev/docs/api/class-response#response-security-details\"\u003eresponse.securityDetails()\u003c/a\u003e and \u003ca href=\"https://playwright.dev/docs/api/class-response#response-server-addr\"\u003eresponse.serverAddr()\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBrowser and Screencast\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew option \u003ccode\u003eartifactsDir\u003c/code\u003e in \u003ca href=\"https://playwright.dev/docs/api/class-browsertype#browser-type-connect-over-cdp\"\u003ebrowserType.connectOverCDP()\u003c/a\u003e controls where artifacts such as traces and downloads are stored when attached to an existing browser.\u003c/li\u003e\n\u003cli\u003eNew option \u003ccode\u003ecursor\u003c/code\u003e in \u003ca href=\"https://playwright.dev/docs/api/class-screencast#screencast-show-actions\"\u003escreencast.showActions()\u003c/a\u003e controls the cursor decoration rendered for pointer actions.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eonFrame\u003c/code\u003e callback in \u003ca href=\"https://playwright.dev/docs/api/class-screencast#screencast-start\"\u003escreencast.start()\u003c/a\u003e now receives a \u003ccode\u003etimestamp\u003c/code\u003e of when the frame was presented by the browser.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTest runner\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca href=\"https://playwright.dev/docs/api/class-testoptions#test-options-video\"\u003etestOptions.video\u003c/a\u003e option now supports the same set of modes as \u003ccode\u003etrace\u003c/code\u003e: new \u003ccode\u003e'on-all-retries'\u003c/code\u003e, \u003ccode\u003e'retain-on-first-failure'\u003c/code\u003e and \u003ccode\u003e'retain-on-failure-and-retries'\u003c/code\u003e values. See the \u003ca href=\"https://playwright.dev/docs/test-use-options#video-modes\"\u003evideo modes table\u003c/a\u003e for which runs are recorded and kept in each mode.\u003c/li\u003e\n\u003cli\u003eSupported \u003ccode\u003eexpect.soft.poll(...)\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-fullconfig#full-config-argv\"\u003efullConfig.argv\u003c/a\u003e — a snapshot of \u003ccode\u003eprocess.argv\u003c/code\u003e from the runner process, handy for reading custom arguments passed after the \u003ccode\u003e--\u003c/code\u003e separator.\u003c/li\u003e\n\u003cli\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-fullconfig#full-config-fail-on-flaky-tests\"\u003efullConfig.failOnFlakyTests\u003c/a\u003e mirrors the config option, so reporters can explain why a flaky run failed.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-testinfo#test-info-errors\"\u003etestInfo.errors\u003c/a\u003e now lists each sub-error of an \u003ccode\u003eAggregateError\u003c/code\u003e as a separate entry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/1cc5a90cfa3eaa430b1a991963100f95126caa47\"\u003e\u003ccode\u003e1cc5a90\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41295\"\u003e#41295\u003c/a\u003e): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/a6772bdede34028cbbd417a3b3d778801899e870\"\u003e\u003ccode\u003ea6772bd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41280\"\u003e#41280\u003c/a\u003e): Revert \u0026quot;fix(trace-viewer): add keyboard navigation to `N...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/8133dcf97d52818d36022ed37797a616ff6cb934\"\u003e\u003ccode\u003e8133dcf\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41283\"\u003e#41283\u003c/a\u003e): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/812432e070afec9e44d22e95915f975965b7d5b7\"\u003e\u003ccode\u003e812432e\u003c/code\u003e\u003c/a\u003e chore: mark v1.61.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41277\"\u003e#41277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ac05145c8d9eb1303c8f3bfd4d860b6d1ca261ae\"\u003e\u003ccode\u003eac05145\u003c/code\u003e\u003c/a\u003e fix(fetch): report serverAddr and securityDetails for reused sockets (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41267\"\u003e#41267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/056efc9f5c0a870d0944e53a835d6283a77f200f\"\u003e\u003ccode\u003e056efc9\u003c/code\u003e\u003c/a\u003e fix(trace-viewer): add keyboard navigation to \u003ccode\u003eNetworkFilters\u003c/code\u003e component (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41\"\u003e#41\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/41f7b9a0db0d1ada12ff0d9244393eea8f81b796\"\u003e\u003ccode\u003e41f7b9a\u003c/code\u003e\u003c/a\u003e chore: fixes uncovered by the .NET 1.61 roll (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41266\"\u003e#41266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ba507783ae48724a1882f6423d8e8ec208bf366a\"\u003e\u003ccode\u003eba50778\u003c/code\u003e\u003c/a\u003e fix(mcp): assign caps as array for legacy --vision flag (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41253\"\u003e#41253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/b8ee5ae27fd068e3744852209dfcb5c1a142909f\"\u003e\u003ccode\u003eb8ee5ae\u003c/code\u003e\u003c/a\u003e docs: release notes for v1.61 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41261\"\u003e#41261\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/49c1f694c9bc06c9d1f6966afe8b6dfd4f388b3e\"\u003e\u003ccode\u003e49c1f69\u003c/code\u003e\u003c/a\u003e fix(trace viewer): load trace from a local file (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41263\"\u003e#41263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.59.1...v1.61.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.6.0 to 25.9.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/vscode` from 1.116.0 to 1.120.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/vscode\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.2.0 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.5.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101\"\u003e\u003ccode\u003ebdb496c\u003c/code\u003e\u003c/a\u003e feat: correct max-depth handling for else-if chains (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20944\"\u003e#20944\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953\"\u003e\u003ccode\u003ec296873\u003c/code\u003e\u003c/a\u003e feat: update error loc in \u003ccode\u003emax-statements\u003c/code\u003e to function header (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20907\"\u003e#20907\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4\"\u003e\u003ccode\u003ef99b47a\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc\"\u003e\u003ccode\u003eacf03d4\u003c/code\u003e\u003c/a\u003e docs: clarify precedence of parserOptions over languageOptions (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20926\"\u003e#20926\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d\"\u003e\u003ccode\u003ec2d1444\u003c/code\u003e\u003c/a\u003e refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20951\"\u003e#20951\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9\"\u003e\u003ccode\u003e243b8c5\u003c/code\u003e\u003c/a\u003e chore: enhance config-rule to support oneOf, anyOf, and nested schemas (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20788\"\u003e#20788\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b\"\u003e\u003ccode\u003e217b2a9\u003c/code\u003e\u003c/a\u003e test: add unit tests for ParserService (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20949\"\u003e#20949\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9\"\u003e\u003ccode\u003e72003e7\u003c/code\u003e\u003c/a\u003e test: add location information to error messages in \u003ccode\u003emax-statements\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20945\"\u003e#20945\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1\"\u003e\u003ccode\u003e7797c26\u003c/code\u003e\u003c/a\u003e refactor: deduplicate isAnySegmentReachable across rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20890\"\u003e#20890\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257\"\u003e\u003ccode\u003e67c46fa\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20938\"\u003e#20938\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29\"\u003e\u003ccode\u003e95d8c7a\u003c/code\u003e\u003c/a\u003e chore: update dependency \u003ccode\u003e@​eslint/json\u003c/code\u003e to v2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20934\"\u003e#20934\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c\"\u003e\u003ccode\u003ecf9e496\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e to 0.18.3 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20933\"\u003e#20933\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c\"\u003e\u003ccode\u003efb6d396\u003c/code\u003e\u003c/a\u003e test: run type tests with TypeScript 7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20868\"\u003e#20868\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145\"\u003e\u003ccode\u003ede3b672\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040\"\u003e\u003ccode\u003e362a518\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.2.0...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `knip` from 6.4.1 to 6.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpro-nl/knip/releases\"\u003eknip's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 6.16.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eResolve SvelteKit ./$types in monorepos (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1778\"\u003e#1778\u003c/a\u003e) (370ef4cefec6540ee7d58249cc402f479ec76405)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.16.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate sponsors data + fix sponsors layout on narrow screen (fadf13aad5ebc36f7bc2fbc7615bfa77681d3660)\u003c/li\u003e\n\u003cli\u003eDetect binaries and entry files in node:child_process calls (fc3598cfac640a2ae53b0113883574bf15bc5d47)\u003c/li\u003e\n\u003cli\u003eIt works™ (2d9ce845121484ef3ff84e4a761cfd98891d6c09)\u003c/li\u003e\n\u003cli\u003eExtend known issues doc w/ workaround (close \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1763\"\u003e#1763\u003c/a\u003e) (fcd444bf4c6b2ddc5d7bb0ebfd6f3991cf5d0be2)\u003c/li\u003e\n\u003cli\u003eSupport ignoreExportsUsedInFile per workspace (close \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1495\"\u003e#1495\u003c/a\u003e) (4b898a971105d865d86d4dc81bc694721bff8793)\u003c/li\u003e\n\u003cli\u003efeat(vscode): add \u003ccode\u003eworkspaceRoot\u003c/code\u003e config option to enable use in a VSCode workspace that does not have package.json at the workspace root (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1667\"\u003e#1667\u003c/a\u003e) (7c1ebef6ab6d1c5a7f2f920d4243241246b53f4b) - thanks \u003ca href=\"https://github.com/anmilleriii\"\u003e\u003ccode\u003e@​anmilleriii\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReplace minimist with node:util.parseArgs (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1492\"\u003e#1492\u003c/a\u003e) (b360c5ce1acfbb2cbd5f4e92ecca6c9b461ae094)\u003c/li\u003e\n\u003cli\u003ePreserve minimist numeric coercion and --no-x negation (c12153ce0601378354421e454a6b6bbab74ae9fb)\u003c/li\u003e\n\u003cli\u003eSimplify parseArgs adapter (ba15e413be7515620e4224b21483a1a87659dc34)\u003c/li\u003e\n\u003cli\u003eDetect and credit registered custom elements (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1394\"\u003e#1394\u003c/a\u003e) (62dcda5fa46ccf6bdd94175b725fd38678049319)\u003c/li\u003e\n\u003cli\u003eAdd Lit and FAST plugins to detect \u003ca href=\"https://github.com/customElement\"\u003e\u003ccode\u003e@​customElement\u003c/code\u003e\u003c/a\u003e classes (348d2c9decf09bb61ab47477bc6cc57e4b089ec3)\u003c/li\u003e\n\u003cli\u003eAdd new testimonials (77fd7ed7dffaccfa8bc024105fe81dbe09b70671)\u003c/li\u003e\n\u003cli\u003eScope custom path aliases per workspace (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1775\"\u003e#1775\u003c/a\u003e) (d908099b52e4fd93b7947bafecbabeddfc7847f3)\u003c/li\u003e\n\u003cli\u003eRestructure tests (ec4c77941d42aef54bed9e4dd1cae8e8784aa147)\u003c/li\u003e\n\u003cli\u003eSimplify boolean check in parseArgs adapter (ba6865de03785eb49b2adf833f7f769eece78d49)\u003c/li\u003e\n\u003cli\u003eScope static custom-element define detection to the FAST plugin (94632cddd15f75eadd204cb480b3df6c1f2a842d)\u003c/li\u003e\n\u003cli\u003eAdd Custom Elements feature docs page (230bd734652f3a269b70da09cd26ac7e80a210cd)\u003c/li\u003e\n\u003cli\u003eUpdate known-issues.md (f1f4c1bceef9a6575d7b31cc1340538ea894f824)\u003c/li\u003e\n\u003cli\u003eFix crash on backtick string literals in plugin config (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e) (f1adc7fbd68fc52a89a4d2a4d6b17d905d051de7)\u003c/li\u003e\n\u003cli\u003eFormat (e4720cab435be48e1a40afa8c548e21bdb74b14e)\u003c/li\u003e\n\u003cli\u003eFix backtick string literals in require() and plugin-name config arrays (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e) (d14eb053331daaaeaec89c3c8e04cfeeba7580af)\u003c/li\u003e\n\u003cli\u003eCredit custom elements via aliases, scoped registries, and static blocks (d7cbe12bd904f65b20016bdd2dfd4a5d7c5c1524)\u003c/li\u003e\n\u003cli\u003eImprove Stencil plugin: credit \u003ca href=\"https://github.com/Component\"\u003e\u003ccode\u003e@​Component\u003c/code\u003e\u003c/a\u003e and recognize test files (152d73052f87f29b348abbab90e117cfb97dd69b)\u003c/li\u003e\n\u003cli\u003eAdd Catalyst plugin to credit bare \u003ca href=\"https://github.com/controller\"\u003e\u003ccode\u003e@​controller\u003c/code\u003e\u003c/a\u003e custom elements (8a37f8c25b03cd4e55bd18ba822906be35fcd97b)\u003c/li\u003e\n\u003cli\u003eDocument Stencil, Catalyst, static-block custom el reg. (105fba3a829f1cf4cf871035dbc9c170b0de7bc1)\u003c/li\u003e\n\u003cli\u003eAuto-format md (f4fcf4e1c6a399d761151fc367125416e7741675)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReport exported type used only in inferred-return function body (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1765\"\u003e#1765\u003c/a\u003e) (2413408753f7abc7a9dfdba520990afd18c53ee0)\u003c/li\u003e\n\u003cli\u003eWork that EXPORTS.md again (7e13451fab7ad85362fb63a4715ea450690aedef)\u003c/li\u003e\n\u003cli\u003eUpdate npmx ecosystem snapshot (dfc401145a880f156c66eb83ea1622a99540304a)\u003c/li\u003e\n\u003cli\u003eLink \u003ccode\u003edependencies\u003c/code\u003e key with notes (closes \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1764\"\u003e#1764\u003c/a\u003e) (e3e66cea9e946558940bf8705129efea3f23b3ba)\u003c/li\u003e\n\u003cli\u003eResolve tsconfig paths when loading plugin configs (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1762\"\u003e#1762\u003c/a\u003e) (0177c7466559e2ae99b5e1cd1e3a8043ca494edc) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eAvoid caching failed plugin config loads (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1768\"\u003e#1768\u003c/a\u003e) (5e201cde9b1ba2568ead2ae790ab888c966828ae) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eResolve extensionless .sass imports in SCSS compiler (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1770\"\u003e#1770\u003c/a\u003e) (30c22835383b2355787cc2a871b22de80ff75544) - thanks \u003ca href=\"https://github.com/sebacardello\"\u003e\u003ccode\u003e@​sebacardello\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003efix(vite): detect inline module script entry points in index.html (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1772\"\u003e#1772\u003c/a\u003e) (51f4eddc9e1b2fed1ba25e81fc596e9fb514ce01) - thanks \u003ca href=\"https://github.com/lucas-spin\"\u003e\u003ccode\u003e@​lucas-spin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eHarden vite inline module script import detection (b8abcfd2f4f5486aea08a934514bc55de86be030)\u003c/li\u003e\n\u003cli\u003eUse RecordableHistogram for timerified function stats (d575c6905704af1b0b4620edd874fc09bc86ed28)\u003c/li\u003e\n\u003cli\u003eAdd orval plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1751\"\u003e#1751\u003c/a\u003e) (4c82aa82c2a02fbda27a316389f210d11621f8cb)\u003c/li\u003e\n\u003cli\u003eAdd treatTagHintsAsErrors and --no-tag-hints (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1767\"\u003e#1767\u003c/a\u003e) (4b6a573e0c1e0daf65c76c32f7336ea71db6bb64)\u003c/li\u003e\n\u003cli\u003eAdd nano-spawn plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1769\"\u003e#1769\u003c/a\u003e) (b2cad06dfd9958485537c5545c6c497fc8823ac3)\u003c/li\u003e\n\u003cli\u003eSimplify glob cache validation and ignore-list assembly (df1a9603a5ea8ed7bad9588bf13672cedf37c90e)\u003c/li\u003e\n\u003cli\u003eDedupe ignore-pattern collection and dependency fixing (d49b626ad6736d7123d44568ef8c42a3e1d28aa3)\u003c/li\u003e\n\u003cli\u003eSimplify installed-binaries collection in manifest metadata (55143941eebbc8dac12c79b77c1f65a8b61dfbef)\u003c/li\u003e\n\u003cli\u003eFlatten control flow in ConfigurationChief (010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5)\u003c/li\u003e\n\u003cli\u003eInline trivial installed-binaries and types-included accessors (b5afb9f29e3474eee4bf276c1de83cb0682a5663)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/a3169ec99b4708d7199ed9c38682a7f5f0639b1c\"\u003e\u003ccode\u003ea3169ec\u003c/code\u003e\u003c/a\u003e Release knip@6.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/370ef4cefec6540ee7d58249cc402f479ec76405\"\u003e\u003ccode\u003e370ef4c\u003c/code\u003e\u003c/a\u003e Resolve SvelteKit ./$types in monorepos (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1778\"\u003e#1778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/e9a5a64f6d551ceef0bb6667e2c2582b94a77c4f\"\u003e\u003ccode\u003ee9a5a64\u003c/code\u003e\u003c/a\u003e Release knip@6.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/8a37f8c25b03cd4e55bd18ba822906be35fcd97b\"\u003e\u003ccode\u003e8a37f8c\u003c/code\u003e\u003c/a\u003e Add Catalyst plugin to credit bare \u003ca href=\"https://github.com/controller\"\u003e\u003ccode\u003e@​controller\u003c/code\u003e\u003c/a\u003e custom elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/152d73052f87f29b348abbab90e117cfb97dd69b\"\u003e\u003ccode\u003e152d730\u003c/code\u003e\u003c/a\u003e Improve Stencil plugin: credit \u003ca href=\"https://github.com/Component\"\u003e\u003ccode\u003e@​Component\u003c/code\u003e\u003c/a\u003e and recognize test files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/d7cbe12bd904f65b20016bdd2dfd4a5d7c5c1524\"\u003e\u003ccode\u003ed7cbe12\u003c/code\u003e\u003c/a\u003e Credit custom elements via aliases, scoped registries, and static blocks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/d14eb053331daaaeaec89c3c8e04cfeeba7580af\"\u003e\u003ccode\u003ed14eb05\u003c/code\u003e\u003c/a\u003e Fix backtick string literals in require() and plugin-name config arrays (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/f1adc7fbd68fc52a89a4d2a4d6b17d905d051de7\"\u003e\u003ccode\u003ef1adc7f\u003c/code\u003e\u003c/a\u003e Fix crash on backtick string literals in plugin config (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/94632cddd15f75eadd204cb480b3df6c1f2a842d\"\u003e\u003ccode\u003e94632cd\u003c/code\u003e\u003c/a\u003e Scope static custom-element define detection to the FAST plugin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/ba6865de03785eb49b2adf833f7f769eece78d49\"\u003e\u003ccode\u003eba6865d\u003c/code\u003e\u003c/a\u003e Simplify boolean check in parseArgs adapter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpro-nl/knip/commits/knip@6.16.1/packages/knip\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prettier` from 3.8.3 to 3.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/releases\"\u003eprettier's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003eprettier/prettier#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🔗 \u003ca href=\"https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/blob/main/CHANGELOG.md\"\u003eprettier's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.8.4\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ediff\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003e#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/h4\u003e\n\u003cp\u003ePrettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre lang=\"markdown\"\u003e\u003ccode\u003e\u0026lt;!-- Input --\u0026gt;\n- a\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eb\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.3 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ea\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ec\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.4 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ea\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468\"\u003e\u003ccode\u003e1c6ba55\u003c/code\u003e\u003c/a\u003e Release 3.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8\"\u003e\u003ccode\u003e4a673dc\u003c/code\u003e\u003c/a\u003e Fix blank lines between list items and nested sub-lists being removed in Mark...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866\"\u003e\u003ccode\u003e074aaed\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003emain\u003c/code\u003e branch in changelog link with tags (\u003ca href=\"https://redirect.github.com/prettier/prettier/issues/19054\"\u003e#19054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9\"\u003e\u003ccode\u003ec22a003\u003c/code\u003e\u003c/a\u003e Bump Prettier dependency to 3.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0\"\u003e\u003ccode\u003e07bad1f\u003c/code\u003e\u003c/a\u003e Clean changelog_unreleased\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tsx` from 4.21.0 to 4.22.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/privatenumber/tsx/releases\"\u003etsx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003e4.22.4\u003c/a\u003e (2026-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e1ce8463\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.4\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.2...v4.22.3\"\u003e4.22.3\u003c/a\u003e (2026-05-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode typed loader source (\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003edce02fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve entrypoint with TypeScript preload hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e68f72f3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.3\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.1...v4.22.2\"\u003e4.22.2\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve CJS JSON require in ESM hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e35b700b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve named exports from CommonJS TypeScript (\u003ca href=\"https://github.com/privatenumber/tsx/commit/11de737dae1fb9dae28db3716df5b1a7e1a6a089\"\u003e11de737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport module.exports require(esm) interop (\u003ca href=\"https://github.com/privatenumber/tsx/commit/cf8f19918e4e0a0dc5ee5c52d8cc15e5e22d7c49\"\u003ecf8f199\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.2\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.0...v4.22.1\"\u003e4.22.1\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve tsconfig path aliases containing a colon (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/6979f28810829dc79ec9baf406e162a18b65ab4b\"\u003e6979f28\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.1\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e\u003ccode\u003e1ce8463\u003c/code\u003e\u003c/a\u003e fix: resolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003e\u003ccode\u003edce02fc\u003c/code\u003e\u003c/a\u003e fix: decode typed loader source\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e\u003ccode\u003e68f72f3\u003c/code\u003e\u003c/a\u003e fix: preserve entrypoint with TypeScript preload hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/69455cfefbfe71100a3c58d3ce7cea42445d9113\"\u003e\u003ccode\u003e69455cf\u003c/code\u003e\u003c/a\u003e test: cover package exports for ambiguous ESM reexports\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e\u003ccode\u003e35b700b\u003c/code\u003e\u003c/a\u003e fix: preserve CJS JSON require in ESM hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/ef807dba6832260fb4cafd78d81f5469a733966b\"\u003e\u003ccode\u003eef807db\u003c/code\u003e\u003c/a\u003e chore: update testing dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/3917090d4f61863ea6ea16e4a9a3722a112cc3f7\"\u003e\u003ccode\u003e3917090\u003c/code\u003e\u003c/a\u003e test: document compatibility test taxonomy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/de8113ffa8edbcd4e05fa218324c3e8c2a4afdbe\"\u003e\u003ccode\u003ede8113f\u003c/code\u003e\u003c/a\u003e refactor: centralize Node capability facts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/c1f62db45ada60b24ceb3dfdf7f64173d9a15396\"\u003e\u003ccode\u003ec1f62db\u003c/code\u003e\u003c/a\u003e test: consolidate tsconfig path edge coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/4e08174ec10276ac71c9a69eb28426ad702d0c76\"\u003e\u003ccode\u003e4e08174\u003c/code\u003e\u003c/a\u003e test: consolidate loader hook coverage\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.21.0...v4.22.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for tsx since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.58.2 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.1\u003c/h2\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e respect ECMAScript line terminators in ts-comment rules (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352\"\u003e#12352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-shadow] correct rule to match ESLint v10 handling (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182\"\u003e#12182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003cli\u003eNevette Bailey \u003ca href=\"https://github.com/nevette-bailey\"\u003e\u003ccode\u003e@​nevette-bailey\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.0\u003c/h2\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-tester:\u003c/strong\u003e added updates of RuleTester from upstream (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12291\"\u003e#12291\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplayground TS version selector is not working (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12326\"\u003e#12326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12325\"\u003e#12325\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.3 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.3\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.2 (2026-05-04)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68\"\u003e\u003ccode\u003e4f84a69\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964\"\u003e\u003ccode\u003e1849b53\u003c/code\u003e\u003c/a\u003e chore: typecheck using tsgo (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139\"\u003e#12139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/f891c29de5f3e23f3d8c59cc599d3196e54e9b58\"\u003e\u003ccode\u003ef891c29\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ca6ca1431b6d18235297a7e29feb5d98f012dff2\"\u003e\u003ccode\u003eca6ca14\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4b927c607755b2648d5854b9e928c1dbb2b8e088\"\u003e\u003ccode\u003e4b927c6\u003c/code\u003e\u003c/a\u003e fix(typescript-eslint): export Compatible* types from typescript-eslint to re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/48e13c0261e3cb1bf4f4dfaa462cdb3a56ef7383\"\u003e\u003ccode\u003e48e13c0\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/44f9625336841a8ee3eb01a9e02e49b1d7b12648\"\u003e\u003ccode\u003e44f9625\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4.1.5 (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12307\"\u003e#12307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333\"\u003e\u003ccode\u003e2ec35f1\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d\"\u003e\u003ccode\u003e5245793\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase thi...\n\n_Description has been truncated_","html_url":"https://github.com/pixel-agents-hq/pixel-agents/pull/308","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pixel-agents-hq%2Fpixel-agents/issues/308","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/308/packages"},{"uuid":"4624033564","node_id":"PR_kwDORpA4s87keuYc","number":6,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 14 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T02:16:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T17:11:58.000Z","updated_at":"2026-06-14T02:16:29.000Z","time_to_close":378269,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"@opentelemetry/sdk-node","old_version":"0.206.0","new_version":"0.217.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"rollup","old_version":"4.22.5","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"samlify","old_version":"2.10.0","new_version":"2.13.0","repository_url":"https://github.com/tngan/samlify"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"yaml","old_version":"2.4.1","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"webpack","old_version":"5.101.3","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"ajv","old_version":"8.12.0","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"mailparser","old_version":"3.7.5","new_version":"3.9.3","repository_url":"https://github.com/nodemailer/mailparser"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [rollup](https://github.com/rollup/rollup) | `4.22.5` | `4.59.0` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [yaml](https://github.com/eemeli/yaml) | `2.4.1` | `2.8.3` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.101.3` | `5.104.1` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.18.0` |\n| [mailparser](https://github.com/nodemailer/mailparser) | `3.7.5` | `3.9.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/ai directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/claude directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/firecrawl directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/gmail directory: [nodemailer](https://github.com/nodemailer/nodemailer) and [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/google-sheets directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/imap directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/zoho-mail directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/smtp directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 7 updates in the /packages/server/api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/server/worker directory: [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js).\nBumps the npm_and_yarn group with 1 update in the /packages/web directory: [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@opentelemetry/sdk-node` from 0.206.0 to 0.217.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/releases\"\u003e@​opentelemetry/sdk-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eexperimental/v0.217.0\u003c/h2\u003e\n\u003ch2\u003e0.217.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(otlp-transformer): replace protobufjs trace serialization with custom implementation \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6625\"\u003e#6625\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using \u003ccode\u003ejson-schema-to-typescript\u003c/code\u003e and \u003ccode\u003eajv\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6533\"\u003e#6533\u003c/a\u003e \u003ca href=\"https://github.com/MikeGoldsmith\"\u003e\u003ccode\u003e@​MikeGoldsmith\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration, sdk-node): \u003ccode\u003estartNodeSDK()\u003c/code\u003e code path now uses \u003ccode\u003elog_level\u003c/code\u003e configuration to setup a DiagConsoleLogger \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6668\"\u003e#6668\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eNote that allowed values for \u003ccode\u003elog_level\u003c/code\u003e in a configuration YAML file are \u003cem\u003enot\u003c/em\u003e the same set as for \u003ccode\u003eOTEL_LOG_LEVEL\u003c/code\u003e. Use \u003ccode\u003elog_level: trace\u003c/code\u003e to see \u003cem\u003eall\u003c/em\u003e logs (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=ALL\u003c/code\u003e). Use \u003ccode\u003elog_level: fatal\u003c/code\u003e to effectively disable the SDK's internal diagnostic logger (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=NONE\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003elog_level\u003c/code\u003e is not specified, a diagnostic console logger at \u0026quot;info\u0026quot; level will be setup.\u003c/li\u003e\n\u003cli\u003eAn invalid YAML config file will now result in a noop OTel SDK.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(configuration): do not validate \u003ccode\u003eOTEL_CONFIG_FILE\u003c/code\u003e value before using it for file config \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6643\"\u003e#6643\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6650\"\u003e#6650\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6657\"\u003e#6657\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve handling of enums in generated types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6659\"\u003e#6659\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve the technique for removing '| null' on types the JSON Schema \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6662\"\u003e#6662\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sampler-jaeger-remote): add missing axios dep \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6656\"\u003e#6656\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6674\"\u003e#6674\u003c/a\u003e \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.216.0\u003c/h2\u003e\n\u003ch2\u003e0.216.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6427\"\u003e#6427\u003c/a\u003e \u003ca href=\"https://github.com/ravitheja4531-cell\"\u003e\u003ccode\u003e@​ravitheja4531-cell\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(sdk-node): set TracerProvider in startNodeSDK() \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6607\"\u003e#6607\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(instrumentation-xml-http-request): avoid unwrapping \u003ccode\u003eXMLHttpRequest\u003c/code\u003e API when disabling \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6611\"\u003e#6611\u003c/a\u003e \u003ca href=\"https://github.com/david-luna\"\u003e\u003ccode\u003e@​david-luna\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-fetch): tolerate non-writable \u003ccode\u003eglobalThis.fetch\u003c/code\u003e and fix premature \u003ccode\u003e_isEnabled\u003c/code\u003e / \u003ccode\u003e_isFetchPatched\u003c/code\u003e flips in \u003ccode\u003eenable()\u003c/code\u003e \u003ca href=\"https://github.com/brunorodmoreira\"\u003e\u003ccode\u003e@​brunorodmoreira\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-xhr): resolve relative URLs before matching \u003ccode\u003eignoreUrls\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6551\"\u003e#6551\u003c/a\u003e \u003ca href=\"https://github.com/Maximiliano-Zeballos\"\u003e\u003ccode\u003e@​Maximiliano-Zeballos\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sdk-node): fix setting of ViewOption#name from ConfigurationModel \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6620\"\u003e#6620\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(web-common): add limit for timeout \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6601\"\u003e#6601\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6646\"\u003e#6646\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:house: Internal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest(otlp-transformer): add metrics transform benchmark \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6628\"\u003e#6628\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6636\"\u003e#6636\u003c/a\u003e \u003ca href=\"https://github.com/cjihrig\"\u003e\u003ccode\u003e@​cjihrig\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.215.0\u003c/h2\u003e\n\u003ch2\u003e0.215.0\u003c/h2\u003e\n\u003ch3\u003e:boom: Breaking Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/74cde1b674508ccc0ed2601ac43a80ff2d35114c\"\u003e\u003ccode\u003e74cde1b\u003c/code\u003e\u003c/a\u003e chore: prepare next release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6675\"\u003e#6675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/e8f439adcbec23261d26fcc205f4d2a6d74f16c7\"\u003e\u003ccode\u003ee8f439a\u003c/code\u003e\u003c/a\u003e fix: handle malformed URLs in Prometheus exporter request handler (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6674\"\u003e#6674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ab3a2e280e589a43d705278be5e8c8308b1b4081\"\u003e\u003ccode\u003eab3a2e2\u003c/code\u003e\u003c/a\u003e feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/d5b7d1e5c6cd3c9547137d0cc6a5185b7b5a8155\"\u003e\u003ccode\u003ed5b7d1e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency axios to v1.15.2 [security] (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6670\"\u003e#6670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/c16361877b77828d324733a4c8bed6d2ed10c884\"\u003e\u003ccode\u003ec163618\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to e46ed2c (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6661\"\u003e#6661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ec2bfbe0b2afb9d29725140b2d0350e47e23250d\"\u003e\u003ccode\u003eec2bfbe\u003c/code\u003e\u003c/a\u003e chore(configuration): move config generation scripts into the configuration p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/acc9ecd99591c054e9f3b9d9e36cbd4333bb1411\"\u003e\u003ccode\u003eacc9ecd\u003c/code\u003e\u003c/a\u003e chore(configuration): cosmetic changes to generated types.ts (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6663\"\u003e#6663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/8f008ece4ee20ad7ef55f673c208010ddb59f751\"\u003e\u003ccode\u003e8f008ec\u003c/code\u003e\u003c/a\u003e chore: Move inactive members to emeritus (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6649\"\u003e#6649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/435431e4705fd1fb45eec009a3f831b91e6673cd\"\u003e\u003ccode\u003e435431e\u003c/code\u003e\u003c/a\u003e fix(configuration): improve the technique for removing '| null' on types due ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/42220244e99c5ace5c2ac7365d232d3b9d1038b2\"\u003e\u003ccode\u003e4222024\u003c/code\u003e\u003c/a\u003e fix(configuration): improve handling of enums in generated types (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6659\"\u003e#6659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/compare/experimental/v0.206.0...experimental/v0.217.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 7.0.11 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.22.5 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.57.1\u003c/h2\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6252\"\u003e#6252\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6253\"\u003e#6253\u003c/a\u003e: chore(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6254\"\u003e#6254\u003c/a\u003e: Fully include dynamic imports in a try-catch (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476\"\u003e\u003ccode\u003eae84695\u003c/code\u003e\u003c/a\u003e 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93\"\u003e\u003ccode\u003eb39616e\u003c/code\u003e\u003c/a\u003e Update audit-resolve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\"\u003e\u003ccode\u003ec60770d\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6275\"\u003e#6275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662\"\u003e\u003ccode\u003e33f39c1\u003c/code\u003e\u003c/a\u003e 4.58.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca\"\u003e\u003ccode\u003eb61c408\u003c/code\u003e\u003c/a\u003e forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6\"\u003e\u003ccode\u003e7f00689\u003c/code\u003e\u003c/a\u003e Extend agent instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4\"\u003e\u003ccode\u003ee7b2b85\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6270\"\u003e#6270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970\"\u003e\u003ccode\u003e2aa5da9\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6267\"\u003e#6267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec\"\u003e\u003ccode\u003e4319837\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6269\"\u003e#6269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233\"\u003e\u003ccode\u003ec3b6b4b\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6268\"\u003e#6268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.22.5...v4.59.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `samlify` from 2.10.0 to 2.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tngan/samlify/releases\"\u003esamlify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.11 to 0.8.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/603\"\u003etngan/samlify#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/605\"\u003etngan/samlify#605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/606\"\u003etngan/samlify#606\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject promises with Error instances, not raw strings (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/581\"\u003e#581\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/607\"\u003etngan/samlify#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support simpleSign binding for logout request/response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/584\"\u003e#584\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/608\"\u003etngan/samlify#608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: correct the parseResult example in saml-response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/518\"\u003e#518\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/609\"\u003etngan/samlify#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify that wantMessageSigned and signatureConfig are SP options (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/516\"\u003e#516\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/610\"\u003etngan/samlify#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRFC-0001: introduce .skills/ and mandatory SAML 2.0 spec citation workflow by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/611\"\u003etngan/samlify#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request relayState for login + logout (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/163\"\u003e#163\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/612\"\u003etngan/samlify#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: 2026-04 audit — patch vite, fix XXE bypass, reject unknown sig algs by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/613\"\u003etngan/samlify#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: omit AuthnRequest attributes whose value is null/undefined (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/455\"\u003e#455\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/614\"\u003etngan/samlify#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pass SessionIndex through createLogoutRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/615\"\u003etngan/samlify#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: throw a clear error when redirect binding has no SSO/SLO endpoint (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/308\"\u003e#308\u003c/a\u003e \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/405\"\u003e#405\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/617\"\u003etngan/samlify#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLAG (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/453\"\u003e#453\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/616\"\u003etngan/samlify#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/454\"\u003e#454\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/619\"\u003etngan/samlify#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/618\"\u003etngan/samlify#618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/620\"\u003etngan/samlify#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/621\"\u003etngan/samlify#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/622\"\u003etngan/samlify#622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/625\"\u003etngan/sa...\n\n_Description has been truncated_","html_url":"https://github.com/jeremiah9980/activepieces/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremiah9980%2Factivepieces/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4610267987","node_id":"PR_kwDOSO8knc7jxFDo","number":21,"state":"open","title":"chore(deps): bump the npm-minor group across 1 directory with 50 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-08T05:32:17.000Z","updated_at":"2026-06-08T05:32:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm-minor","update_count":50,"packages":[{"name":"@aws-sdk/client-s3","old_version":"3.975.0","new_version":"3.1063.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/lib-storage","old_version":"3.975.0","new_version":"3.1063.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.975.0","new_version":"3.1063.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@azure/storage-blob","old_version":"12.26.0","new_version":"12.32.0","repository_url":"https://github.com/Azure/azure-sdk-for-js"},{"name":"@databricks/sql","old_version":"1.12.0","new_version":"1.15.0","repository_url":"https://github.com/databricks/databricks-sql-nodejs"},{"name":"@fastify/static","old_version":"9.0.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@langchain/anthropic","old_version":"1.3.15","new_version":"1.4.0","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/langgraph","old_version":"1.1.4","new_version":"1.3.6","repository_url":"https://github.com/langchain-ai/langgraphjs"},{"name":"@langchain/openai","old_version":"1.2.5","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@modelcontextprotocol/sdk","old_version":"1.26.0","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"@nestjs/common","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@nestjs/config","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/nestjs/config"},{"name":"@nestjs/core","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@nestjs/event-emitter","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/nestjs/event-emitter"},{"name":"@nestjs/platform-fastify","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@nestjs/schedule","old_version":"6.1.0","new_version":"6.1.3","repository_url":"https://github.com/nestjs/schedule"},{"name":"@nestjs/swagger","old_version":"11.2.5","new_version":"11.4.4","repository_url":"https://github.com/nestjs/swagger"},{"name":"@nestjs/terminus","old_version":"11.0.0","new_version":"11.1.1","repository_url":"https://github.com/nestjs/terminus"},{"name":"@opentelemetry/api","old_version":"1.9.0","new_version":"1.9.1","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/auto-instrumentations-node","old_version":"0.68.0","new_version":"0.76.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js-contrib"},{"name":"@opentelemetry/exporter-metrics-otlp-http","old_version":"0.210.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/exporter-trace-otlp-http","old_version":"0.210.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/sdk-node","old_version":"0.210.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/semantic-conventions","old_version":"1.39.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"class-validator","old_version":"0.14.3","new_version":"0.15.1","repository_url":"https://github.com/typestack/class-validator"},{"name":"js-yaml","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mssql","old_version":"12.2.0","new_version":"12.5.5","repository_url":"https://github.com/tediousjs/node-mssql"},{"name":"@types/mssql","old_version":"9.1.9","new_version":"12.3.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"mysql2","old_version":"3.16.3","new_version":"3.22.5","repository_url":"https://github.com/sidorares/node-mysql2"},{"name":"n3","old_version":"2.0.1","new_version":"2.0.3","repository_url":"https://github.com/rdfjs/N3.js"},{"name":"neo4j-driver","old_version":"6.0.1","new_version":"6.1.0","repository_url":"https://github.com/neo4j/neo4j-javascript-driver"},{"name":"pg","old_version":"8.18.0","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"@types/pg","old_version":"8.15.6","new_version":"8.20.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"snowflake-sdk","old_version":"2.3.3","new_version":"2.4.3","repository_url":"https://github.com/snowflakedb/snowflake-connector-nodejs"},{"name":"@nestjs/cli","old_version":"11.0.16","new_version":"11.0.21","repository_url":"https://github.com/nestjs/nest-cli"},{"name":"@nestjs/schematics","old_version":"11.0.9","new_version":"11.1.0","repository_url":"https://github.com/nestjs/schematics"},{"name":"@nestjs/testing","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@swc/cli","old_version":"0.7.10","new_version":"0.8.1","repository_url":"https://github.com/swc-project/pkgs"},{"name":"@swc/core","old_version":"1.15.11","new_version":"1.15.40","repository_url":"https://github.com/swc-project/swc"},{"name":"ts-jest","old_version":"29.4.6","new_version":"29.4.11","repository_url":"https://github.com/kulshekhar/ts-jest"},{"name":"@codemirror/lang-yaml","old_version":"6.1.2","new_version":"6.1.3","repository_url":"https://github.com/codemirror/lang-yaml"},{"name":"@uiw/react-codemirror","old_version":"4.25.4","new_version":"4.25.10","repository_url":"https://github.com/uiwjs/react-codemirror"},{"name":"@vitest/coverage-v8","old_version":"4.0.17","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"msw","old_version":"2.12.7","new_version":"2.14.6","repository_url":"https://github.com/mswjs/msw"},{"name":"validator","old_version":"13.15.26","new_version":"13.15.35","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"memfs","old_version":"4.56.10","new_version":"4.57.6","repository_url":"https://github.com/streamich/memfs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-minor group with 46 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.975.0` | `3.1063.0` |\n| [@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage) | `3.975.0` | `3.1063.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.975.0` | `3.1063.0` |\n| [@azure/storage-blob](https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob) | `12.26.0` | `12.32.0` |\n| [@databricks/sql](https://github.com/databricks/databricks-sql-nodejs) | `1.12.0` | `1.15.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.0.0` | `9.1.3` |\n| [@langchain/anthropic](https://github.com/langchain-ai/langchainjs) | `1.3.15` | `1.4.0` |\n| [@langchain/langgraph](https://github.com/langchain-ai/langgraphjs/tree/HEAD/libs/langgraph-core) | `1.1.4` | `1.3.6` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.2.5` | `1.4.7` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.26.0` | `1.29.0` |\n| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `11.1.12` | `11.1.24` |\n| [@nestjs/config](https://github.com/nestjs/config) | `4.0.2` | `4.0.4` |\n| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.1.12` | `11.1.24` |\n| [@nestjs/event-emitter](https://github.com/nestjs/event-emitter) | `3.0.1` | `3.1.0` |\n| [@nestjs/platform-fastify](https://github.com/nestjs/nest/tree/HEAD/packages/platform-fastify) | `11.1.12` | `11.1.24` |\n| [@nestjs/schedule](https://github.com/nestjs/schedule) | `6.1.0` | `6.1.3` |\n| [@nestjs/swagger](https://github.com/nestjs/swagger) | `11.2.5` | `11.4.4` |\n| [@nestjs/terminus](https://github.com/nestjs/terminus) | `11.0.0` | `11.1.1` |\n| [@opentelemetry/api](https://github.com/open-telemetry/opentelemetry-js) | `1.9.0` | `1.9.1` |\n| [@opentelemetry/auto-instrumentations-node](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/auto-instrumentations-node) | `0.68.0` | `0.76.0` |\n| [@opentelemetry/exporter-metrics-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.210.0` | `0.218.0` |\n| [@opentelemetry/exporter-trace-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.210.0` | `0.218.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.210.0` | `0.218.0` |\n| [@opentelemetry/semantic-conventions](https://github.com/open-telemetry/opentelemetry-js) | `1.39.0` | `1.41.1` |\n| [class-validator](https://github.com/typestack/class-validator) | `0.14.3` | `0.15.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` |\n| [mssql](https://github.com/tediousjs/node-mssql) | `12.2.0` | `12.5.5` |\n| [@types/mssql](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mssql) | `9.1.9` | `12.3.0` |\n| [mysql2](https://github.com/sidorares/node-mysql2) | `3.16.3` | `3.22.5` |\n| [n3](https://github.com/rdfjs/N3.js) | `2.0.1` | `2.0.3` |\n| [neo4j-driver](https://github.com/neo4j/neo4j-javascript-driver) | `6.0.1` | `6.1.0` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.18.0` | `8.21.0` |\n| [@types/pg](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/pg) | `8.15.6` | `8.20.0` |\n| [snowflake-sdk](https://github.com/snowflakedb/snowflake-connector-nodejs) | `2.3.3` | `2.4.3` |\n| [@nestjs/cli](https://github.com/nestjs/nest-cli) | `11.0.16` | `11.0.21` |\n| [@nestjs/schematics](https://github.com/nestjs/schematics) | `11.0.9` | `11.1.0` |\n| [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing) | `11.1.12` | `11.1.24` |\n| [@swc/cli](https://github.com/swc-project/pkgs) | `0.7.10` | `0.8.1` |\n| [@swc/core](https://github.com/swc-project/swc/tree/HEAD/packages/core) | `1.15.11` | `1.15.40` |\n| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.6` | `29.4.11` |\n| [@codemirror/lang-yaml](https://github.com/codemirror/lang-yaml) | `6.1.2` | `6.1.3` |\n| [@uiw/react-codemirror](https://github.com/uiwjs/react-codemirror) | `4.25.4` | `4.25.10` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.17` | `4.1.8` |\n| [msw](https://github.com/mswjs/msw) | `2.12.7` | `2.14.6` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.26` | `13.15.35` |\n| [memfs](https://github.com/streamich/memfs) | `4.56.10` | `4.57.6` |\n\n\nUpdates `@aws-sdk/client-s3` from 3.975.0 to 3.1063.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1063.0\u003c/h2\u003e\n\u003ch4\u003e3.1063.0(2026-06-05)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003eupdate author URL in package.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8080\"\u003e#8080\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e9bd1a86b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecrt-loader:\u003c/strong\u003e  update to latest aws-crt (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8079\"\u003e#8079\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8c2bdabd5826c8914eb1904880eade3c81ca6be4\"\u003e8c2bdabd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-06-05 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fe9a398fbfb3d324e4b67c7677fc63f62933f283\"\u003efe9a398f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/394304420ef42ed5c8918990273788bfd69d5f5a\"\u003e39430442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-serverless:\u003c/strong\u003e  Adds support for updating max capacity and custom fields while application is started (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6c9cce08f51a2b91ca5c7fc9dca2bfd293980546\"\u003e6c9cce08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-dynamodb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/416005d46847152ba1a24e4ce3297f47469f685c\"\u003e416005d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mediaconvert:\u003c/strong\u003e  Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/40eb4c6b527bb508bc7bdb2402528cff5ed49198\"\u003e40eb4c6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-payment-cryptography:\u003c/strong\u003e  Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c32019a8ffa7be444993d1ee8288d2c43c8a3f89\"\u003ec32019a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Adds support for Knowledge Base APIs and Index Capacity API (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8205152f535d2a38e0f0ea5e2d516ab8b484650d\"\u003e8205152f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/httpAuthSchemes:\u003c/strong\u003e  fix concurrent skew correction (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8078\"\u003e#8078\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/83e48928b9f31c78c6c10adc2127d663837ddd2a\"\u003e83e48928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emiddleware-endpoint-discovery:\u003c/strong\u003e  remove integration tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8077\"\u003e#8077\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/02363831ab1c4cae1b254efe92ab49fa71f20700\"\u003e02363831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  add client error deserialization tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8075\"\u003e#8075\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0dfa4ad150e0283cf787cd231600aeb7d75695f0\"\u003e0dfa4ad1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1063.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1062.0\u003c/h2\u003e\n\u003ch4\u003e3.1062.0(2026-06-04)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003escripts:\u003c/strong\u003e  include generated packages when validating declared imports 1-1 with used imports (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072\"\u003e#8072\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e291ad366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Remove unsupported RDS field for filter (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a\"\u003e5815da7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-interconnect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019\"\u003e34e23ef2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2-instance-connect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510\"\u003ec2a4981e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mq:\u003c/strong\u003e  BDD bulk update change rollout (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2\"\u003ee058b8fd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-workspaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c\"\u003e6b1e3602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connectparticipant:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426\"\u003e22db2a6a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1062.0...v3.1063.0\"\u003e3.1063.0\u003c/a\u003e (2026-06-05)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0\"\u003e3.1062.0\u003c/a\u003e (2026-06-04)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0\"\u003e3.1061.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0\"\u003e3.1060.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0\"\u003e3.1059.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0\"\u003e3.1058.0\u003c/a\u003e (2026-06-01)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0\"\u003e3.1057.0\u003c/a\u003e (2026-05-29)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/85dabf4ef0c81d9db5405c483b3bfbd2126075d4\"\u003e\u003ccode\u003e85dabf4\u003c/code\u003e\u003c/a\u003e Publish v3.1063.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e\u003ccode\u003e9bd1a86\u003c/code\u003e\u003c/a\u003e chore: update author URL in package.json (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8080\"\u003e#8080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c\"\u003e\u003ccode\u003ef5235bb\u003c/code\u003e\u003c/a\u003e Publish v3.1062.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e\u003ccode\u003e291ad36\u003c/code\u003e\u003c/a\u003e chore(scripts): include generated packages when validating declared imports 1...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7\"\u003e\u003ccode\u003e71df2cc\u003c/code\u003e\u003c/a\u003e Publish v3.1061.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/121609400451d15166872f5dc2a2d8fe75c7d7f6\"\u003e\u003ccode\u003e1216094\u003c/code\u003e\u003c/a\u003e chore(middleware-sdk-s3): consolidate S3 internal packages (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8026\"\u003e#8026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183\"\u003e\u003ccode\u003e8aeb92d\u003c/code\u003e\u003c/a\u003e Publish v3.1060.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b\"\u003e\u003ccode\u003e75bb4fc\u003c/code\u003e\u003c/a\u003e Publish v3.1059.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45\"\u003e\u003ccode\u003e6b082a6\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6\"\u003e\u003ccode\u003ed7602d4\u003c/code\u003e\u003c/a\u003e Publish v3.1058.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/lib-storage` from 3.975.0 to 3.1063.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/lib-storage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1063.0\u003c/h2\u003e\n\u003ch4\u003e3.1063.0(2026-06-05)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003eupdate author URL in package.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8080\"\u003e#8080\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e9bd1a86b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecrt-loader:\u003c/strong\u003e  update to latest aws-crt (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8079\"\u003e#8079\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8c2bdabd5826c8914eb1904880eade3c81ca6be4\"\u003e8c2bdabd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-06-05 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fe9a398fbfb3d324e4b67c7677fc63f62933f283\"\u003efe9a398f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/394304420ef42ed5c8918990273788bfd69d5f5a\"\u003e39430442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-serverless:\u003c/strong\u003e  Adds support for updating max capacity and custom fields while application is started (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6c9cce08f51a2b91ca5c7fc9dca2bfd293980546\"\u003e6c9cce08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-dynamodb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/416005d46847152ba1a24e4ce3297f47469f685c\"\u003e416005d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mediaconvert:\u003c/strong\u003e  Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/40eb4c6b527bb508bc7bdb2402528cff5ed49198\"\u003e40eb4c6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-payment-cryptography:\u003c/strong\u003e  Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c32019a8ffa7be444993d1ee8288d2c43c8a3f89\"\u003ec32019a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Adds support for Knowledge Base APIs and Index Capacity API (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8205152f535d2a38e0f0ea5e2d516ab8b484650d\"\u003e8205152f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/httpAuthSchemes:\u003c/strong\u003e  fix concurrent skew correction (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8078\"\u003e#8078\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/83e48928b9f31c78c6c10adc2127d663837ddd2a\"\u003e83e48928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emiddleware-endpoint-discovery:\u003c/strong\u003e  remove integration tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8077\"\u003e#8077\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/02363831ab1c4cae1b254efe92ab49fa71f20700\"\u003e02363831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  add client error deserialization tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8075\"\u003e#8075\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0dfa4ad150e0283cf787cd231600aeb7d75695f0\"\u003e0dfa4ad1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1063.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1062.0\u003c/h2\u003e\n\u003ch4\u003e3.1062.0(2026-06-04)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003escripts:\u003c/strong\u003e  include generated packages when validating declared imports 1-1 with used imports (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072\"\u003e#8072\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e291ad366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Remove unsupported RDS field for filter (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a\"\u003e5815da7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-interconnect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019\"\u003e34e23ef2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2-instance-connect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510\"\u003ec2a4981e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mq:\u003c/strong\u003e  BDD bulk update change rollout (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2\"\u003ee058b8fd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-workspaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c\"\u003e6b1e3602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connectparticipant:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426\"\u003e22db2a6a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md\"\u003e@​aws-sdk/lib-storage's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1062.0...v3.1063.0\"\u003e3.1063.0\u003c/a\u003e (2026-06-05)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0\"\u003e3.1062.0\u003c/a\u003e (2026-06-04)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0\"\u003e3.1061.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0\"\u003e3.1060.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0\"\u003e3.1059.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0\"\u003e3.1058.0\u003c/a\u003e (2026-06-01)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0\"\u003e3.1057.0\u003c/a\u003e (2026-05-29)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/85dabf4ef0c81d9db5405c483b3bfbd2126075d4\"\u003e\u003ccode\u003e85dabf4\u003c/code\u003e\u003c/a\u003e Publish v3.1063.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e\u003ccode\u003e9bd1a86\u003c/code\u003e\u003c/a\u003e chore: update author URL in package.json (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage/issues/8080\"\u003e#8080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c\"\u003e\u003ccode\u003ef5235bb\u003c/code\u003e\u003c/a\u003e Publish v3.1062.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7\"\u003e\u003ccode\u003e71df2cc\u003c/code\u003e\u003c/a\u003e Publish v3.1061.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183\"\u003e\u003ccode\u003e8aeb92d\u003c/code\u003e\u003c/a\u003e Publish v3.1060.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b\"\u003e\u003ccode\u003e75bb4fc\u003c/code\u003e\u003c/a\u003e Publish v3.1059.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45\"\u003e\u003ccode\u003e6b082a6\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6\"\u003e\u003ccode\u003ed7602d4\u003c/code\u003e\u003c/a\u003e Publish v3.1058.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e836d5c0437f234ca692615924cf7f88cf2748c6\"\u003e\u003ccode\u003ee836d5c\u003c/code\u003e\u003c/a\u003e Publish v3.1057.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4b035429227c5be4093e5b3898a4eb5dc70824b0\"\u003e\u003ccode\u003e4b03542\u003c/code\u003e\u003c/a\u003e Publish v3.1056.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/lib/lib-storage\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/s3-request-presigner` from 3.975.0 to 3.1063.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/s3-request-presigner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1063.0\u003c/h2\u003e\n\u003ch4\u003e3.1063.0(2026-06-05)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003eupdate author URL in package.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8080\"\u003e#8080\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e9bd1a86b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecrt-loader:\u003c/strong\u003e  update to latest aws-crt (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8079\"\u003e#8079\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8c2bdabd5826c8914eb1904880eade3c81ca6be4\"\u003e8c2bdabd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-06-05 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fe9a398fbfb3d324e4b67c7677fc63f62933f283\"\u003efe9a398f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/394304420ef42ed5c8918990273788bfd69d5f5a\"\u003e39430442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-serverless:\u003c/strong\u003e  Adds support for updating max capacity and custom fields while application is started (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6c9cce08f51a2b91ca5c7fc9dca2bfd293980546\"\u003e6c9cce08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-dynamodb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/416005d46847152ba1a24e4ce3297f47469f685c\"\u003e416005d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mediaconvert:\u003c/strong\u003e  Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/40eb4c6b527bb508bc7bdb2402528cff5ed49198\"\u003e40eb4c6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-payment-cryptography:\u003c/strong\u003e  Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c32019a8ffa7be444993d1ee8288d2c43c8a3f89\"\u003ec32019a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Adds support for Knowledge Base APIs and Index Capacity API (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8205152f535d2a38e0f0ea5e2d516ab8b484650d\"\u003e8205152f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/httpAuthSchemes:\u003c/strong\u003e  fix concurrent skew correction (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8078\"\u003e#8078\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/83e48928b9f31c78c6c10adc2127d663837ddd2a\"\u003e83e48928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emiddleware-endpoint-discovery:\u003c/strong\u003e  remove integration tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8077\"\u003e#8077\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/02363831ab1c4cae1b254efe92ab49fa71f20700\"\u003e02363831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  add client error deserialization tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8075\"\u003e#8075\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0dfa4ad150e0283cf787cd231600aeb7d75695f0\"\u003e0dfa4ad1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1063.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1062.0\u003c/h2\u003e\n\u003ch4\u003e3.1062.0(2026-06-04)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003escripts:\u003c/strong\u003e  include generated packages when validating declared imports 1-1 with used imports (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072\"\u003e#8072\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e291ad366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Remove unsupported RDS field for filter (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a\"\u003e5815da7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-interconnect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019\"\u003e34e23ef2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2-instance-connect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510\"\u003ec2a4981e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mq:\u003c/strong\u003e  BDD bulk update change rollout (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2\"\u003ee058b8fd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-workspaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c\"\u003e6b1e3602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connectparticipant:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426\"\u003e22db2a6a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md\"\u003e@​aws-sdk/s3-request-presigner's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1062.0...v3.1063.0\"\u003e3.1063.0\u003c/a\u003e (2026-06-05)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0\"\u003e3.1062.0\u003c/a\u003e (2026-06-04)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0\"\u003e3.1061.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0\"\u003e3.1060.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0\"\u003e3.1059.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0\"\u003e3.1058.0\u003c/a\u003e (2026-06-01)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0\"\u003e3.1057.0\u003c/a\u003e (2026-05-29)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/85dabf4ef0c81d9db5405c483b3bfbd2126075d4\"\u003e\u003ccode\u003e85dabf4\u003c/code\u003e\u003c/a\u003e Publish v3.1063.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e\u003ccode\u003e9bd1a86\u003c/code\u003e\u003c/a\u003e chore: update author URL in package.json (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8080\"\u003e#8080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c\"\u003e\u003ccode\u003ef5235bb\u003c/code\u003e\u003c/a\u003e Publish v3.1062.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7\"\u003e\u003ccode\u003e71df2cc\u003c/code\u003e\u003c/a\u003e Publish v3.1061.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183\"\u003e\u003ccode\u003e8aeb92d\u003c/code\u003e\u003c/a\u003e Publish v3.1060.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b\"\u003e\u003ccode\u003e75bb4fc\u003c/code\u003e\u003c/a\u003e Publish v3.1059.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45\"\u003e\u003ccode\u003e6b082a6\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6\"\u003e\u003ccode\u003ed7602d4\u003c/code\u003e\u003c/a\u003e Publish v3.1058.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e836d5c0437f234ca692615924cf7f88cf2748c6\"\u003e\u003ccode\u003ee836d5c\u003c/code\u003e\u003c/a\u003e Publish v3.1057.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4b035429227c5be4093e5b3898a4eb5dc70824b0\"\u003e\u003ccode\u003e4b03542\u003c/code\u003e\u003c/a\u003e Publish v3.1056.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/packages/s3-request-presigner\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@azure/storage-blob` from 12.26.0 to 12.32.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/storage-blob/CHANGELOG.md\"\u003e@​azure/storage-blob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e12.32.0 (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIncludes all features released in 12.32.0-beta.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.32.0-beta.1 (2026-03-05)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for service version 2026-04-06.\u003c/li\u003e\n\u003cli\u003eAdded support for Content Validation via Structured Message.\u003c/li\u003e\n\u003cli\u003eAdded support for Delete Blob Conditional Tier.\u003c/li\u003e\n\u003cli\u003eAdded support for Server-side Encryption Rekeying.\u003c/li\u003e\n\u003cli\u003eAdded cross-tenant support for Principal-Bound User Delegation SAS.\u003c/li\u003e\n\u003cli\u003eAdded support for Dynamic User Delegation SAS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.31.0 (2026-02-10)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhanced \u003ccode\u003ereadableStreamBody\u003c/code\u003e type to include \u003ccode\u003e.destroy()\u003c/code\u003e method, making stream cancellation more type-safe without requiring type casting.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated minimum version of \u003ccode\u003e@azure/storage-common\u003c/code\u003e to \u003ccode\u003e^12.3.0\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.30.0 (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIncludes all features released in 12.30.0-beta.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.30.0-beta.1 (2025-11-24)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for service version 2026-02-06.\u003c/li\u003e\n\u003cli\u003eAdded support for the StartFrom parameter on BlobContainerClient.listBlobs() and .listBlobsByHierarchy().\u003c/li\u003e\n\u003cli\u003eAdded support for Principal-Bound Identity User Delegation SAS\u003c/li\u003e\n\u003cli\u003eAdded support for conditional headers on BlobBaseClient.getTags(), and .getTags().\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor to import and re-export common APIs from \u003ccode\u003e@azure/storage-common\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.29.1 (2025-10-16)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/d740d83f7a558e4b10f7f2ff010c94fe6e4f016f\"\u003e\u003ccode\u003ed740d83\u003c/code\u003e\u003c/a\u003e Resolve interface comments (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38702\"\u003e#38702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/ff9fc24b8d0c39aeefb48da2e223cc7f7c8448d3\"\u003e\u003ccode\u003eff9fc24\u003c/code\u003e\u003c/a\u003e Update package version for stg101 (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38623\"\u003e#38623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/603366dcbcdf287f9032301cdd2d3b642598c4a3\"\u003e\u003ccode\u003e603366d\u003c/code\u003e\u003c/a\u003e [storage] update streamToBuffer helpers to handle chunks correctly (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38465\"\u003e#38465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/3de1abed3cc6bba886c0381feb1c3de013f22506\"\u003e\u003ccode\u003e3de1abe\u003c/code\u003e\u003c/a\u003e Add imports field to all warp-built packages (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38391\"\u003e#38391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/0aa0f0f78debca83fd0976ab581d282d3823b486\"\u003e\u003ccode\u003e0aa0f0f\u003c/code\u003e\u003c/a\u003e Add react-native devDependency to packages with RN targets (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38392\"\u003e#38392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/e8f0055e347ccd2cd9d282d45f4dc3e6fbf1137f\"\u003e\u003ccode\u003ee8f0055\u003c/code\u003e\u003c/a\u003e chore: Update registry for all package.json and adjust check rules (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38281\"\u003e#38281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/8226e6f9f053b04be4274617057627ddf883bcfe\"\u003e\u003ccode\u003e8226e6f\u003c/code\u003e\u003c/a\u003e [test] Fix swapped assertion arguments across test files (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37972\"\u003e#37972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/65c0ccc3ac17dbd3a8f6ccd712f947ea878b3124\"\u003e\u003ccode\u003e65c0ccc\u003c/code\u003e\u003c/a\u003e feat(warp): explicit CJS via moduleType, esbuild ESM→CJS transform (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37893\"\u003e#37893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/7b9b6aac5f2d4861087434c6cd38de3d91463278\"\u003e\u003ccode\u003e7b9b6aa\u003c/code\u003e\u003c/a\u003e Storage/content checksum (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37208\"\u003e#37208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/460a94d1f1aae2a497dac32257089f01acbcb444\"\u003e\u003ccode\u003e460a94d\u003c/code\u003e\u003c/a\u003e [warp] Migrate storage packages to warp with type-compatible browser … (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37443\"\u003e#37443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commits/@azure/storage-blob_12.32.0/sdk/storage/storage-blob\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@databricks/sql` from 1.12.0 to 1.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/releases\"\u003e@​databricks/sql's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd SPOG routing support: parse \u003ccode\u003e?o=\u0026lt;workspaceId\u0026gt;\u003c/code\u003e from \u003ccode\u003ehttpPath\u003c/code\u003e and inject \u003ccode\u003ex-databricks-org-id\u003c/code\u003e on Thrift, telemetry, and feature-flag requests. Expose \u003ccode\u003ecustomHeaders\u003c/code\u003e on \u003ccode\u003eConnectionOptions\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#391\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTelemetry: enable by default with feature-flag-controlled priority, and fix final-flush dropping on \u003ccode\u003eclient.close()\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#327\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/391\"\u003e#391\u003c/a\u003e by \u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#363\u003c/code\u003e\u003ca href=\"https://github.com/msrathore-db\"\u003e\u003ccode\u003e@​msrathore-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: use a valid SPDX license identifier in \u003ccode\u003epackage.json\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#389\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#366\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#333\u003c/code\u003e\u003ca href=\"https://github.com/vikrantpuppala\"\u003e\u003ccode\u003e@​vikrantpuppala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#325\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/326\"\u003e#326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAdd token federation support\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#318\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/319\"\u003edatabricks/databricks-sql-nodejs#319\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/320\"\u003edatabricks/databricks-sql-nodejs#320\u003c/a\u003e by \u003ca href=\"https://github.com/madhav-db\"\u003e\u003ccode\u003e@​madhav-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdd metric view metadata support\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#312\u003c/code\u003e\u003ca href=\"https://github.com/shivam2680\"\u003e\u003ccode\u003e@​shivam2680\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFix:\u003c/strong\u003e Avoid calling \u003ccode\u003erequire('lz4')\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#316\u003c/code\u003e\u003ca href=\"https://github.com/ikkala\"\u003e\u003ccode\u003e@​ikkala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFix flaky Iterator tests\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#313\u003c/code\u003e\u003ca href=\"https://github.com/shivam2680\"\u003e\u003ccode\u003e@​shivam2680\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRemove notification spam\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#322\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdd telemetry foundation\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#324\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ikkala\"\u003e\u003ccode\u003e@​ikkala\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/pull/316\"\u003edatabricks/databricks-sql-nodejs#316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/madhav-db\"\u003e\u003ccode\u003e@​madhav-db\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/pull/318\"\u003edatabricks/databricks-sql-nodejs#318\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/compare/1.12.0...1.13.0\"\u003ehttps://github.com/databricks/databricks-sql-nodejs/compare/1.12.0...1.13.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/blob/main/CHANGELOG.md\"\u003e@​databricks/sql's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd SPOG routing support: parse \u003ccode\u003e?o=\u0026lt;workspaceId\u0026gt;\u003c/code\u003e from \u003ccode\u003ehttpPath\u003c/code\u003e and inject \u003ccode\u003ex-databricks-org-id\u003c/code\u003e on Thrift, telemetry, and feature-flag requests. Expose \u003ccode\u003ecustomHeaders\u003c/code\u003e on \u003ccode\u003eConnectionOptions\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#391\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTelemetry: enable by default with feature-flag-controlled priority, and fix final-flush dropping on \u003ccode\u003eclient.close()\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#327\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/391\"\u003e#391\u003c/a\u003e by \u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#363\u003c/code\u003e\u003ca href=\"https://github.com/msrathore-db\"\u003e\u003ccode\u003e@​msrathore-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: use a valid SPDX license identifier in \u003ccode\u003epackage.json\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#389\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#366\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#333\u003c/code\u003e\u003ca href=\"https://github.com/vikrantpuppala\"\u003e\u003ccode\u003e@​vikrantpuppala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#325\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/326\"\u003e#326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#318\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/319\"\u003edatabricks/databricks-sql-nodejs#319\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/320\"\u003edatabricks/databricks-sql-nodejs#320\u003c/a\u003e by \u003ca href=\"https://github.com/madhav-db\"\u003e\u003ccode\u003e@​madhav-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#312\u003c/code\u003e\u003ca href=\"https://github.com/shivam2680\"\u003e\u003ccode\u003e@​shivam2680\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#316\u003c/code\u003e\u003ca href=\"https://github.com/ikkala\"\u003e\u003ccode\u003e@​ikkala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#324\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#327\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e).\n\u003cstrong\u003eDefault change:\u003c/strong\u003e \u003ccode\u003etelemetryEnabled\u003c/code\u003e now defaults to \u003ccode\u003etrue\u003c/code\u003e (gated by a remote feature flag).\nTo opt out programmatically, pass \u003ccode\u003etelemetryEnabled: false\u003c/code\u003e to \u003ccode\u003econnect()\u003c/code\u003e.\nTo disable globally without code changes, set the environment variable\n\u003ccode\u003eDATABRICKS_TELEMETRY_DISABLED\u003c/code\u003e to one of \u003ccode\u003e1\u003c/code\u003e, \u003ccode\u003etrue\u003c/code\u003e, \u003ccode\u003eyes\u003c/code\u003e, or \u003ccode\u003eon\u003c/code\u003e\n(case-insensitive). Other values (empty, \u003ccode\u003e0\u003c/code\u003e, \u003ccode\u003efalse\u003c/code\u003e, etc.) are ignored\n— the runtime config takes precedence.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/e200a1bc7de6d3ddf12aae2f6bccf4cd281e4fcb\"\u003e\u003ccode\u003ee200a1b\u003c/code\u003e\u003c/a\u003e prepare release 1.15.0 (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/395\"\u003e#395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/61805a6f4f788206a97bb6467a08dce430cbf4e0\"\u003e\u003ccode\u003e61805a6\u003c/code\u003e\u003c/a\u003e fix: use valid SPDX license identifier in package.json (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/fab2288bc7efe8660868b02131969f6090975cba\"\u003e\u003ccode\u003efab2288\u003c/code\u003e\u003c/a\u003e [XTA-15079] Add SPOG ?o= routing support and fix final-flush auth on close (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/7e04c7c403dd18436082b33cc237b49dd8f367da\"\u003e\u003ccode\u003e7e04c7c\u003c/code\u003e\u003c/a\u003e docs: telemetry user guide, design spec, and test summary (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/364\"\u003e#364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/5f1728a9d996817d542aeefe128ec36cd627bffd\"\u003e\u003ccode\u003e5f1728a\u003c/code\u003e\u003c/a\u003e [4/7] Telemetry Event Emission and Aggregation (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/327\"\u003e#327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/6a4a7c469a1e4ada96b8491f1e211e4cb203cbb3\"\u003e\u003ccode\u003e6a4a7c4\u003c/code\u003e\u003c/a\u003e Fix Azure AD OAuth: tenant-aware discovery URL + correct scope resource (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/f05f8a96b8920c752278ae9623eb6ebbe5b66b4e\"\u003e\u003ccode\u003ef05f8a9\u003c/code\u003e\u003c/a\u003e prepare release 1.14.0 (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/c6676020d72f2547266d52ff420428b8ff144bcb\"\u003e\u003ccode\u003ec667602\u003c/code\u003e\u003c/a\u003e Statement level query tag in NodeJS connector (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/de440ef6586cd3abe4e216cd6693cd4eb5b26134\"\u003e\u003ccode\u003ede440ef\u003c/code\u003e\u003c/a\u003e [3/7] Telemetry Client Management: TelemetryClient and Provider (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/326\"\u003e#326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/3a5e659f126fb3bfd0323159f0bf7c716487a593\"\u003e\u003ccode\u003e3a5e659\u003c/code\u003e\u003c/a\u003e fix: route telemetry HTTP through shared connection stack; fix close() flush ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/compare/1.12.0...1.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​databricks/sql\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.0.0 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/anthropic` from 1.3.15 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/anthropic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10777\"\u003e#10777\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/0cfcfc66897d8fafeb7e7ed90b7299eace9a7c37\"\u003e\u003ccode\u003e0cfcfc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jonaslalin\"\u003e\u003ccode\u003e@​jonaslalin\u003c/code\u003e\u003c/a\u003e! - feat(anthropic): support strict tool calling for custom tools\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.3.27\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10726\"\u003e#10726\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/ad153c185b6cf813d4b7695740d9a4453d2cb63f\"\u003e\u003ccode\u003ead153c1\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - feat(anthropic): add Claude Opus 4.7 compatibility updates\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/589f29ce844eb252c2d5e6b0f8d26de37763a0d7\"\u003e\u003ccode\u003e589f29c\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2e9e6969e248a53ede0659a41d0ac8dbaf291ab4\"\u003e\u003ccode\u003e2e9e696\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.41\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b19e4f84d747b481879363b4884c20eb1c0f1a4\"\u003e\u003ccode\u003e1b19e4f\u003c/code\u003e\u003c/a\u003e chore: version packages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/426e3aba21016d9ee070c3d130f74ae0047c9ce5\"\u003e\u003ccode\u003e426e3ab\u003c/code\u003e\u003c/a\u003e chore: fix uuid changeset (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10916\"\u003e#10916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/245c98216ce4a6c4340954711a7ad60203283424\"\u003e\u003ccode\u003e245c982\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10914\"\u003e#10914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/126dac5a7a2fac5978448185893038ac8ea6d994\"\u003e\u003ccode\u003e126dac5\u003c/code\u003e\u003c/a\u003e chore(deps): bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10912\"\u003e#10912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1abe24becdddce94c5bd2acfaf920b60a683f22b\"\u003e\u003ccode\u003e1abe24b\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10913\"\u003e#10913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e fix(openai): preserve v1 assistant tool calls (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10902\"\u003e#10902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e fix(core): share fakeModel invocation state across bindTools instances (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10901\"\u003e#10901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a0cd7477e59677c8d15e0e70b374afa0a2410582\"\u003e\u003ccode\u003ea0cd747\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.1.9 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10910\"\u003e#10910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b208e625865fc7487876b652f479dbf854263e68\"\u003e\u003ccode\u003eb208e62\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10909\"\u003e#10909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f7e50fb8b98bd9969c0f5cf0967a06df15453453\"\u003e\u003ccode\u003ef7e50fb\u003c/code\u003e\u003c/a\u003e feat(google): Service tier and custom headers (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10704\"\u003e#10704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/anthropic@1.3.15...@langchain/anthropic@1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/core` from 1.1.19 to 1.1.48\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.48\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10832\"\u003e#10832\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b24369a970ad6f56f1f428027f48601f87e62eb\"\u003e\u003ccode\u003e1b24369\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/info-arnav\"\u003e\u003ccode\u003e@​info-arnav\u003c/code\u003e\u003c/a\u003e! - fix(core, openrouter): make CJS default re-exports callable\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10666\"\u003e#10666\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2bb55b053f49f89e81e3252a7af08e86d71ddd95\"\u003e\u003ccode\u003e2bb55b0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hnustwjj\"\u003e\u003ccode\u003e@​hnustwjj\u003c/code\u003e\u003c/a\u003e! - feat(openrouter): surface reasoning content as v1 standard content blocks\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econvertOpenRouterResponseToBaseMessage\u003c/code\u003e and\n\u003ccode\u003econvertOpenRouterDeltaToBaseMessageChunk\u003c/code\u003e now copy OpenRouter's\n\u003ccode\u003ereasoning\u003c/code\u003e (flat string) and \u003ccode\u003ereasoning_details\u003c/code\u003e (structured array) fields\nonto \u003ccode\u003eadditional_kwargs.reasoning_content\u003c/code\u003e / \u003ccode\u003eadditional_kwargs.reasoning_details\u003c/code\u003e.\nA new \u003ccode\u003eChatOpenRouterTranslator\u003c/code\u003e is registered in \u003ccode\u003e@langchain/core\u003c/code\u003e under\nthe \u003ccode\u003e\u0026quot;openrouter\u0026quot;\u003c/code\u003e provider key so \u003ccode\u003eAIMessage.contentBlocks\u003c/code\u003e emits standard\n\u003ccode\u003e{type: \u0026quot;reasoning\u0026quot;}\u003c/code\u003e blocks alongside text and tool calls.\u003c/p\u003e\n\u003cp\u003ePreviously, reasoning text returned by reasoning-capable models routed\nthrough OpenRouter (DeepSeek R1, Minimax M2, Claude extended thinking,\no-series, etc.) was silently dropped: only the \u003ccode\u003ereasoning_tokens\u003c/code\u003e count\nwas preserved via \u003ccode\u003eusage_metadata\u003c/code\u003e. Consumers using standard content blocks\n(including the frontend agent UI patterns shown in the docs) could not\ndisplay the model's chain of thought.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10918\"\u003e#10918\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): stream custom tool calls through Responses API chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.47\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10906\"\u003e#10906\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f61b3450f275831e47e69c08899b4a2b67b4bdb3\"\u003e\u003ccode\u003ef61b345\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - feat(core): add uuid v6 utility support\u003c/p\u003e\n\u003cp\u003eAdd \u003ccode\u003ev6\u003c/code\u003e UUID generation support to \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e by vendoring the upstream uuidjs \u003ccode\u003ev6\u003c/code\u003e implementation and its \u003ccode\u003ev1ToV6\u003c/code\u003e helper, exporting \u003ccode\u003ev6\u003c/code\u003e from the UUID utils index, and adding tests for deterministic generation, buffer/offset behavior, validation/versioning, and ordering.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10792\"\u003e#10792\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3682268cd1844b2573b01f07bee367e21cb7bdc7\"\u003e\u003ccode\u003e3682268\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): apply v1 message casting after implicit streaming aggregation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10901\"\u003e#10901\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(testing): share fakeModel invocation state across bindTools instances\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.46\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10847\"\u003e#10847\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1659e7d36e31e315c890fa98f43db887f7a2d52b\"\u003e\u003ccode\u003e1659e7d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(core): reduce transitive dependency exposure and tighten release hygiene\u003c/p\u003e\n\u003cp\u003eRemove direct runtime dependencies on \u003ccode\u003eansi-styles\u003c/code\u003e, \u003ccode\u003ecamelcase\u003c/code\u003e, and \u003ccode\u003edecamelize\u003c/code\u003e\nby inlining equivalent logic in core internals, and enable npm provenance in the\nrelease workflow.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10790\"\u003e#10790\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/ef78bc6a21f9a8808ba95c98db2023f0a6b51bcc\"\u003e\u003ccode\u003eef78bc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): keep different content block types separate when merging chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/srini-lingareddy-ext-ey/knecta/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/srini-lingareddy-ext-ey%2Fknecta/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4585962915","node_id":"PR_kwDOSwnLhs7iiPmI","number":6,"state":"closed","title":"chore(deps): bump the minor-and-patch group with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-08T06:26:09.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-04T05:03:02.000Z","updated_at":"2026-06-08T06:26:11.000Z","time_to_close":350587,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":8,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@playwright/test","old_version":"1.59.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@types/node","old_version":"25.6.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@types/vscode","old_version":"1.116.0","new_version":"1.120.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint","old_version":"10.2.0","new_version":"10.4.1","repository_url":"https://github.com/eslint/eslint"},{"name":"knip","old_version":"6.4.1","new_version":"6.15.0","repository_url":"https://github.com/webpro-nl/knip"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"typescript-eslint","old_version":"8.58.2","new_version":"8.60.1","repository_url":"https://github.com/typescript-eslint/typescript-eslint"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 8 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.1` |\n| [@types/vscode](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/vscode) | `1.116.0` | `1.120.0` |\n| [eslint](https://github.com/eslint/eslint) | `10.2.0` | `10.4.1` |\n| [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) | `6.4.1` | `6.15.0` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.58.2` | `8.60.1` |\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@playwright/test` from 1.59.1 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.59.1...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.6.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/vscode` from 1.116.0 to 1.120.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/vscode\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.2.0 to 10.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6d7c832950d5e92499d88e504080661f888f8f56\"\u003e\u003ccode\u003e6d7c832\u003c/code\u003e\u003c/a\u003e chore: ignore fflate updates in renovate (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20908\"\u003e#20908\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b2c86382164d87c6203b78d52068cd6a2a6ffe30\"\u003e\u003ccode\u003eb2c8638\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20889\"\u003e#20889\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a9b8d7f74c50211701cfc49710fa541fd91b2aa5\"\u003e\u003ccode\u003ea9b8d7f\u003c/code\u003e\u003c/a\u003e chore: increase maxBuffer for ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20881\"\u003e#20881\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b702ead5e1ed7cb9f28238a454797662efb37396\"\u003e\u003ccode\u003eb702ead\u003c/code\u003e\u003c/a\u003e chore: update ecosystem update PR settings (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20884\"\u003e#20884\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/507f60e9a78c9a902bc8759f066ae17a1ea6cd81\"\u003e\u003ccode\u003e507f60e\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20882\"\u003e#20882\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/92f5c5bb6bf3a5d167c8ee53a430833410295c6d\"\u003e\u003ccode\u003e92f5c5b\u003c/code\u003e\u003c/a\u003e test: add unit test for message-count (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20878\"\u003e#20878\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/df321080af5758b1fa25e4b9a40e26135642dd6e\"\u003e\u003ccode\u003edf32108\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003e@​eslint/markdown\u003c/code\u003e and typescript-eslint ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20837\"\u003e#20837\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/327f91d36aa49f2a50ded931d841a16374fd875f\"\u003e\u003ccode\u003e327f91d\u003c/code\u003e\u003c/a\u003e chore: use includeIgnoreFile internally (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20876\"\u003e#20876\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f0dc4bd893fb3a9f44e4ddc3ad7063ffb0beacd3\"\u003e\u003ccode\u003ef0dc4bd\u003c/code\u003e\u003c/a\u003e chore: pin fflate@0.8.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20877\"\u003e#20877\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0f4bd257a67a082b756de746d9e0c4842ab764ca\"\u003e\u003ccode\u003e0f4bd25\u003c/code\u003e\u003c/a\u003e ci: run Discord alert for ecosystem test failures (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20873\"\u003e#20873\u003c/a\u003e) (Copilot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1a45ec596af1dd5f880e6874cb8f24dafb6a7ecf\"\u003e\u003ccode\u003e1a45ec5\u003c/code\u003e\u003c/a\u003e feat: check sequence expressions in \u003ccode\u003efor-direction\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20701\"\u003e#20701\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/450040bd89b989b3531824c6be45feb5fe3d936b\"\u003e\u003ccode\u003e450040b\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eincludeIgnoreFile()\u003c/code\u003e to \u003ccode\u003eeslint/config\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20735\"\u003e#20735\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be\"\u003e\u003ccode\u003e544c0c3\u003c/code\u003e\u003c/a\u003e fix: escape code path DOT labels in debug output (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20866\"\u003e#20866\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6799431203f2579632d0870f98ba132067f4040c\"\u003e\u003ccode\u003e6799431\u003c/code\u003e\u003c/a\u003e fix: update dependency \u003ccode\u003e@​eslint/config-helpers\u003c/code\u003e to ^0.6.0 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20850\"\u003e#20850\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f078fef5005dceb14fc162aab7c7200e027688dd\"\u003e\u003ccode\u003ef078fef\u003c/code\u003e\u003c/a\u003e fix: handle non-array deprecated rule replacements (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20825\"\u003e#20825\u003c/a\u003e) (xbinaryx)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f\"\u003e\u003ccode\u003e7e52a71\u003c/code\u003e\u003c/a\u003e docs: add mention of \u003ccode\u003e@eslint-react/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20869\"\u003e#20869\u003c/a\u003e) (Pavel)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08\"\u003e\u003ccode\u003edb3468b\u003c/code\u003e\u003c/a\u003e docs: tweak wording around ambiguous CJS-vs-ESM config (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20865\"\u003e#20865\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a\"\u003e\u003ccode\u003e9084664\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9cc73875046e3c4b8313644cbb1e99e26b36bd3f\"\u003e\u003ccode\u003e9cc7387\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3d7b5484407403817aa9071a394d336d8ea96eb5\"\u003e\u003ccode\u003e3d7b548\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/191ec3c0a3f94ce0f110df761f0b2b8949011ccb\"\u003e\u003ccode\u003e191ec3c\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4a3d15a99c452c4db2fd56b577fa7597e98ab0c2\"\u003e\u003ccode\u003e4a3d15a\u003c/code\u003e\u003c/a\u003e 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/43e7e2bdc5c6cacc535446b7d23c10f780384ba8\"\u003e\u003ccode\u003e43e7e2b\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20\"\u003e#20\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.2.0...v10.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `knip` from 6.4.1 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpro-nl/knip/releases\"\u003eknip's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 6.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReport exported type used only in inferred-return function body (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1765\"\u003e#1765\u003c/a\u003e) (2413408753f7abc7a9dfdba520990afd18c53ee0)\u003c/li\u003e\n\u003cli\u003eWork that EXPORTS.md again (7e13451fab7ad85362fb63a4715ea450690aedef)\u003c/li\u003e\n\u003cli\u003eUpdate npmx ecosystem snapshot (dfc401145a880f156c66eb83ea1622a99540304a)\u003c/li\u003e\n\u003cli\u003eLink \u003ccode\u003edependencies\u003c/code\u003e key with notes (closes \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1764\"\u003e#1764\u003c/a\u003e) (e3e66cea9e946558940bf8705129efea3f23b3ba)\u003c/li\u003e\n\u003cli\u003eResolve tsconfig paths when loading plugin configs (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1762\"\u003e#1762\u003c/a\u003e) (0177c7466559e2ae99b5e1cd1e3a8043ca494edc) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eAvoid caching failed plugin config loads (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1768\"\u003e#1768\u003c/a\u003e) (5e201cde9b1ba2568ead2ae790ab888c966828ae) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eResolve extensionless .sass imports in SCSS compiler (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1770\"\u003e#1770\u003c/a\u003e) (30c22835383b2355787cc2a871b22de80ff75544) - thanks \u003ca href=\"https://github.com/sebacardello\"\u003e\u003ccode\u003e@​sebacardello\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003efix(vite): detect inline module script entry points in index.html (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1772\"\u003e#1772\u003c/a\u003e) (51f4eddc9e1b2fed1ba25e81fc596e9fb514ce01) - thanks \u003ca href=\"https://github.com/lucas-spin\"\u003e\u003ccode\u003e@​lucas-spin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eHarden vite inline module script import detection (b8abcfd2f4f5486aea08a934514bc55de86be030)\u003c/li\u003e\n\u003cli\u003eUse RecordableHistogram for timerified function stats (d575c6905704af1b0b4620edd874fc09bc86ed28)\u003c/li\u003e\n\u003cli\u003eAdd orval plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1751\"\u003e#1751\u003c/a\u003e) (4c82aa82c2a02fbda27a316389f210d11621f8cb)\u003c/li\u003e\n\u003cli\u003eAdd treatTagHintsAsErrors and --no-tag-hints (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1767\"\u003e#1767\u003c/a\u003e) (4b6a573e0c1e0daf65c76c32f7336ea71db6bb64)\u003c/li\u003e\n\u003cli\u003eAdd nano-spawn plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1769\"\u003e#1769\u003c/a\u003e) (b2cad06dfd9958485537c5545c6c497fc8823ac3)\u003c/li\u003e\n\u003cli\u003eSimplify glob cache validation and ignore-list assembly (df1a9603a5ea8ed7bad9588bf13672cedf37c90e)\u003c/li\u003e\n\u003cli\u003eDedupe ignore-pattern collection and dependency fixing (d49b626ad6736d7123d44568ef8c42a3e1d28aa3)\u003c/li\u003e\n\u003cli\u003eSimplify installed-binaries collection in manifest metadata (55143941eebbc8dac12c79b77c1f65a8b61dfbef)\u003c/li\u003e\n\u003cli\u003eFlatten control flow in ConfigurationChief (010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5)\u003c/li\u003e\n\u003cli\u003eInline trivial installed-binaries and types-included accessors (b5afb9f29e3474eee4bf276c1de83cb0682a5663)\u003c/li\u003e\n\u003cli\u003eFormat (eb4b178d5d90a719cdc576d644766f8f95a47876)\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003e@​wdio/types\u003c/code\u003e dev dep with inline types (a3747d61ee0e594854e5da0ca6cb7597e0096b99)\u003c/li\u003e\n\u003cli\u003eBump dependencies (822ab3905cb7b5a216404231607a7820105930a2)\u003c/li\u003e\n\u003cli\u003eWork AGENTS.md, etcetera (361bd4803934a01e01b08170565f8374e4e49eb2)\u003c/li\u003e\n\u003cli\u003eRemove rootDirs workaround resolved by oxc-resolver 11.20.0 (e190a9fec22db41975cf9568a31970a05c86e66b)\u003c/li\u003e\n\u003cli\u003eAdd nuxt no-root-tsconfig fixture guarding alias resolution (e3e5bc94d5f7b6ffdbc89b18d7c8d5acbb5a9008)\u003c/li\u003e\n\u003cli\u003eAllow extra args for release-it (f9c59952fa2c8c4c13bd42edc0935610900d1980)\u003c/li\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/vercel\"\u003e\u003ccode\u003e@​vercel\u003c/code\u003e\u003c/a\u003e as platinum sponsor (c4c06a9149c986680f0d1aa74b57a46ff1f88601)\u003c/li\u003e\n\u003cli\u003eOverhaul \u0026amp; improve --trace functionailty (60df0b05f364c8d841c0f784a06bab2a3215a32f)\u003c/li\u003e\n\u003cli\u003eRe-gen plugins.md (0f9d044d312053154498a562e3a9422a4f44afe6)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix vscode-knip build: pin native oxc bindings to bundled JS version (1b45a4103312c9c059560ae2e1eac25d86b4e2ac)\u003c/li\u003e\n\u003cli\u003eRelease vscode-knip@2.1.5 (328892eb04e65b4702e1ef2303db3156b8f2e1a3)\u003c/li\u003e\n\u003cli\u003eFix Astro plugin to support both possible middleware entry points (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1749\"\u003e#1749\u003c/a\u003e) (33e0cc1a530a8cf5b6b05c8b3a3ca55f8fce8a75) - thanks \u003ca href=\"https://github.com/schmalz-dmi\"\u003e\u003ccode\u003e@​schmalz-dmi\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix LICENSE link (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1760\"\u003e#1760\u003c/a\u003e) (829620f9077ddea086a610c279c7c1250dd66e11) - thanks \u003ca href=\"https://github.com/vortispy\"\u003e\u003ccode\u003e@​vortispy\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix GraphQL Codegen script config dependencies (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1756\"\u003e#1756\u003c/a\u003e) (e841c6355e7eff240e74010bfd2be8bbb22ff2b6) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eSet pnpm config via env vars, disable verify-deps in ecosystem tests (53c12248cc3e79fd79f3efde691d463fc795c40f)\u003c/li\u003e\n\u003cli\u003eUpdate slonik ecosystem snapshot (f18410b34c8554364a9f003660bebae5e826de57)\u003c/li\u003e\n\u003cli\u003eFix Serverless TypeScript plugin dependencies (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1757\"\u003e#1757\u003c/a\u003e) (ebde7f8f3e3004db7f51fb5d60a0bdc2452116ef) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix extended tsconfig type dependency attribution (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1758\"\u003e#1758\u003c/a\u003e) (f600b09e562317a37844ed8cdf1b9b46e06c9405) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix Bun binary dependency tracking (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1759\"\u003e#1759\u003c/a\u003e) (1b289239f35ff2912195b7e39a96c667c54c1fc5) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eDetect Babel plugins/presets in Vite plugin options (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1761\"\u003e#1761\u003c/a\u003e) (2753d6910743a12a207fca81cb8325c00803963a)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.14.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDetect dynamic imports in Svelte compiler (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1747\"\u003e#1747\u003c/a\u003e) (e1c1b1705f96ed7d6ac537a7969cbd07d238246a) - thanks \u003ca href=\"https://github.com/jinhyuk9714\"\u003e\u003ccode\u003e@​jinhyuk9714\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eDetect dynamic import attributes; share import matcher with Astro-MDX (9dae64166bbc45be1abeb8d741127d109d48d351)\u003c/li\u003e\n\u003cli\u003eWork the docs (close \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1746\"\u003e#1746\u003c/a\u003e) (919cba2f11d1979b854c7abaaca8992ee8b08e23)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eResolve imports satisfied via transitive peerDeps (d654ec74d)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/3f3769e37b75e3d35e3713e8435735adc00df52b\"\u003e\u003ccode\u003e3f3769e\u003c/code\u003e\u003c/a\u003e Release knip@6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/60df0b05f364c8d841c0f784a06bab2a3215a32f\"\u003e\u003ccode\u003e60df0b0\u003c/code\u003e\u003c/a\u003e Overhaul \u0026amp; improve --trace functionailty\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/e3e5bc94d5f7b6ffdbc89b18d7c8d5acbb5a9008\"\u003e\u003ccode\u003ee3e5bc9\u003c/code\u003e\u003c/a\u003e Add nuxt no-root-tsconfig fixture guarding alias resolution\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/e190a9fec22db41975cf9568a31970a05c86e66b\"\u003e\u003ccode\u003ee190a9f\u003c/code\u003e\u003c/a\u003e Remove rootDirs workaround resolved by oxc-resolver 11.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/822ab3905cb7b5a216404231607a7820105930a2\"\u003e\u003ccode\u003e822ab39\u003c/code\u003e\u003c/a\u003e Bump dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/a3747d61ee0e594854e5da0ca6cb7597e0096b99\"\u003e\u003ccode\u003ea3747d6\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003e@​wdio/types\u003c/code\u003e dev dep with inline types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/eb4b178d5d90a719cdc576d644766f8f95a47876\"\u003e\u003ccode\u003eeb4b178\u003c/code\u003e\u003c/a\u003e Format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/b5afb9f29e3474eee4bf276c1de83cb0682a5663\"\u003e\u003ccode\u003eb5afb9f\u003c/code\u003e\u003c/a\u003e Inline trivial installed-binaries and types-included accessors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5\"\u003e\u003ccode\u003e010d570\u003c/code\u003e\u003c/a\u003e Flatten control flow in ConfigurationChief\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/55143941eebbc8dac12c79b77c1f65a8b61dfbef\"\u003e\u003ccode\u003e5514394\u003c/code\u003e\u003c/a\u003e Simplify installed-binaries collection in manifest metadata\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpro-nl/knip/commits/knip@6.15.0/packages/knip\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tsx` from 4.21.0 to 4.22.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/privatenumber/tsx/releases\"\u003etsx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003e4.22.4\u003c/a\u003e (2026-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e1ce8463\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.4\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.2...v4.22.3\"\u003e4.22.3\u003c/a\u003e (2026-05-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode typed loader source (\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003edce02fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve entrypoint with TypeScript preload hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e68f72f3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.3\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.1...v4.22.2\"\u003e4.22.2\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve CJS JSON require in ESM hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e35b700b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve named exports from CommonJS TypeScript (\u003ca href=\"https://github.com/privatenumber/tsx/commit/11de737dae1fb9dae28db3716df5b1a7e1a6a089\"\u003e11de737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport module.exports require(esm) interop (\u003ca href=\"https://github.com/privatenumber/tsx/commit/cf8f19918e4e0a0dc5ee5c52d8cc15e5e22d7c49\"\u003ecf8f199\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.2\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.0...v4.22.1\"\u003e4.22.1\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve tsconfig path aliases containing a colon (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/6979f28810829dc79ec9baf406e162a18b65ab4b\"\u003e6979f28\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.1\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e\u003ccode\u003e1ce8463\u003c/code\u003e\u003c/a\u003e fix: resolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003e\u003ccode\u003edce02fc\u003c/code\u003e\u003c/a\u003e fix: decode typed loader source\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e\u003ccode\u003e68f72f3\u003c/code\u003e\u003c/a\u003e fix: preserve entrypoint with TypeScript preload hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/69455cfefbfe71100a3c58d3ce7cea42445d9113\"\u003e\u003ccode\u003e69455cf\u003c/code\u003e\u003c/a\u003e test: cover package exports for ambiguous ESM reexports\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e\u003ccode\u003e35b700b\u003c/code\u003e\u003c/a\u003e fix: preserve CJS JSON require in ESM hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/ef807dba6832260fb4cafd78d81f5469a733966b\"\u003e\u003ccode\u003eef807db\u003c/code\u003e\u003c/a\u003e chore: update testing dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/3917090d4f61863ea6ea16e4a9a3722a112cc3f7\"\u003e\u003ccode\u003e3917090\u003c/code\u003e\u003c/a\u003e test: document compatibility test taxonomy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/de8113ffa8edbcd4e05fa218324c3e8c2a4afdbe\"\u003e\u003ccode\u003ede8113f\u003c/code\u003e\u003c/a\u003e refactor: centralize Node capability facts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/c1f62db45ada60b24ceb3dfdf7f64173d9a15396\"\u003e\u003ccode\u003ec1f62db\u003c/code\u003e\u003c/a\u003e test: consolidate tsconfig path edge coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/4e08174ec10276ac71c9a69eb28426ad702d0c76\"\u003e\u003ccode\u003e4e08174\u003c/code\u003e\u003c/a\u003e test: consolidate loader hook coverage\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.21.0...v4.22.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for tsx since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.58.2 to 8.60.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.60.1\u003c/h2\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e respect ECMAScript line terminators in ts-comment rules (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352\"\u003e#12352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-shadow] correct rule to match ESLint v10 handling (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182\"\u003e#12182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003cli\u003eNevette Bailey \u003ca href=\"https://github.com/nevette-bailey\"\u003e\u003ccode\u003e@​nevette-bailey\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.0\u003c/h2\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-tester:\u003c/strong\u003e added updates of RuleTester from upstream (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12291\"\u003e#12291\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplayground TS version selector is not working (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12326\"\u003e#12326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12325\"\u003e#12325\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEvyatar Daud \u003ca href=\"https://github.com/StyleShit\"\u003e\u003ccode\u003e@​StyleShit\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVinccool96\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.59.4\u003c/h2\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-floating-promises] stack overflow when using recursive types (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12294\"\u003e#12294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eproject-service:\u003c/strong\u003e throw error cause in \u003ccode\u003egetParsedConfigFileFromTSServer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12321\"\u003e#12321\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEvyatar Daud \u003ca href=\"https://github.com/StyleShit\"\u003e\u003ccode\u003e@​StyleShit\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.3 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.3\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.2 (2026-05-04)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.1 (2026-04-27)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68\"\u003e\u003ccode\u003e4f84a69\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964\"\u003e\u003ccode\u003e1849b53\u003c/code\u003e\u003c/a\u003e chore: typecheck using tsgo (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139\"\u003e#12139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/f891c29de5f3e23f3d8c59cc599d3196e54e9b58\"\u003e\u003ccode\u003ef891c29\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ca6ca1431b6d18235297a7e29feb5d98f012dff2\"\u003e\u003ccode\u003eca6ca14\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4b927c607755b2648d5854b9e928c1dbb2b8e088\"\u003e\u003ccode\u003e4b927c6\u003c/code\u003e\u003c/a\u003e fix(typescript-eslint): export Compatible* types from typescript-eslint to re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/48e13c0261e3cb1bf4f4dfaa462cdb3a56ef7383\"\u003e\u003ccode\u003e48e13c0\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/44f9625336841a8ee3eb01a9e02e49b1d7b12648\"\u003e\u003ccode\u003e44f9625\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4.1.5 (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12307\"\u003e#12307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333\"\u003e\u003ccode\u003e2ec35f1\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d\"\u003e\u003ccode\u003e5245793\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ea9ae4f8817873480e3501145059f63e39e8d8a1\"\u003e\u003ccode\u003eea9ae4f\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.1/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/jason2071/sample-pixel-agents/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jason2071%2Fsample-pixel-agents/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4568198156","node_id":"PR_kwDORKyzps7hnykU","number":252,"state":"open","title":"chore(deps): bump the production-dependencies group with 5 updates","user":"dependabot[bot]","labels":[],"assignees":["berntpopp"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-02T03:39:39.000Z","updated_at":"2026-06-02T03:39:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"production-dependencies","update_count":5,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"plotly.js-basic-dist-min","old_version":"3.5.1","new_version":"3.6.0","repository_url":"https://github.com/plotly/plotly.js"},{"name":"stream-json","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/uhop/stream-json"},{"name":"vue-router","old_version":"5.0.7","new_version":"5.1.0","repository_url":"https://github.com/vuejs/router"},{"name":"vuetify","old_version":"4.0.7","new_version":"4.0.8","repository_url":"https://github.com/vuetifyjs/vuetify"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [plotly.js-basic-dist-min](https://github.com/plotly/plotly.js) | `3.5.1` | `3.6.0` |\n| [stream-json](https://github.com/uhop/stream-json) | `3.1.0` | `3.3.0` |\n| [vue-router](https://github.com/vuejs/router) | `5.0.7` | `5.1.0` |\n| [vuetify](https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify) | `4.0.7` | `4.0.8` |\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `plotly.js-basic-dist-min` from 3.5.1 to 3.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/plotly.js/releases\"\u003eplotly.js-basic-dist-min's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for arrays for the pie property \u003ccode\u003elegendrank\u003c/code\u003e, so that it can be configured per slice [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7723\"\u003e#7723\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehoversort\u003c/code\u003e layout attribute to sort unified hover label items by value [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7734\"\u003e#7734\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/kimsehwan96\"\u003e\u003ccode\u003e@​kimsehwan96\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix unexpected \u003ccode\u003eticklabelindex\u003c/code\u003e behavior when minor ticks are not shown [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7735\"\u003e#7735\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eFix issue where \u003ccode\u003ehoveranywhere\u003c/code\u003e / \u003ccode\u003eclickanywhere\u003c/code\u003e would not emit hover and click events over editable shapes [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7788\"\u003e#7788\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle 'pixel' size mode for shape labels [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7790\"\u003e#7790\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate box plot defaults to fix issue with calling \u003ccode\u003ePlotly.react\u003c/code\u003e to switch from box to violin plot [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7811\"\u003e#7811\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eInclude shapes with \u003ccode\u003elegendgroup\u003c/code\u003e specified when handling legend visibility toggling [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7813\"\u003e#7813\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/plotly/plotly.js/compare/v3.5.1...v3.6.0\"\u003ehttps://github.com/plotly/plotly.js/compare/v3.5.1...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/plotly.js/blob/master/CHANGELOG.md\"\u003eplotly.js-basic-dist-min's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.6.0] -- 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for arrays for the pie property \u003ccode\u003elegendrank\u003c/code\u003e, so that it can be configured per slice [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7723\"\u003e#7723\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehoversort\u003c/code\u003e layout attribute to sort unified hover label items by value [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7734\"\u003e#7734\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/kimsehwan96\"\u003e\u003ccode\u003e@​kimsehwan96\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix unexpected \u003ccode\u003eticklabelindex\u003c/code\u003e behavior when minor ticks are not shown [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7735\"\u003e#7735\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eFix issue where \u003ccode\u003ehoveranywhere\u003c/code\u003e / \u003ccode\u003eclickanywhere\u003c/code\u003e would not emit hover and click events over editable shapes [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7788\"\u003e#7788\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle 'pixel' size mode for shape labels [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7790\"\u003e#7790\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate box plot defaults to fix issue with calling \u003ccode\u003ePlotly.react\u003c/code\u003e to switch from box to violin plot [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7811\"\u003e#7811\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eInclude shapes with \u003ccode\u003elegendgroup\u003c/code\u003e specified when handling legend visibility toggling [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7813\"\u003e#7813\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/ca26165100b7a76624dd2333e0f5189bfa7f6636\"\u003e\u003ccode\u003eca26165\u003c/code\u003e\u003c/a\u003e 3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/966b223ae4754e4fff28c4dc4d9306bab34195bc\"\u003e\u003ccode\u003e966b223\u003c/code\u003e\u003c/a\u003e updates for release v3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/067ce36d2bb5d9f7b598e00756876ec0827e48ce\"\u003e\u003ccode\u003e067ce36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/plotly.js/issues/7814\"\u003e#7814\u003c/a\u003e from plotly/fix-typo-in-upload-dev-build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/856b506998635edf41112dfc38eb7b4597f8983b\"\u003e\u003ccode\u003e856b506\u003c/code\u003e\u003c/a\u003e Fix typo in property name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/21ce92bbc564ebdd2bcd22cc1643293586ec5b2e\"\u003e\u003ccode\u003e21ce92b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/plotly.js/issues/7811\"\u003e#7811\u003c/a\u003e from plotly/cam/7791/box-to-violin-plot-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/dbefbad33a3abb8278f2fc980c3ba8c1403f364c\"\u003e\u003ccode\u003edbefbad\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/plotly.js/issues/7813\"\u003e#7813\u003c/a\u003e from plotly/cam/6771/fix-legendgroup-toggling-shapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/76296e8820a3ea2df49c1753c42aafc6a955a08e\"\u003e\u003ccode\u003e76296e8\u003c/code\u003e\u003c/a\u003e Add draftlog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/c1b147f0c134d4b2808d9c92b737027480052247\"\u003e\u003ccode\u003ec1b147f\u003c/code\u003e\u003c/a\u003e Add test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/1a08754e6596df00030e9723cabc705d300056ac\"\u003e\u003ccode\u003e1a08754\u003c/code\u003e\u003c/a\u003e Include shapes with legendgroup when handling legend click\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/61b81860b4ee1ac1c5c2361ff2477b69fcd50eb3\"\u003e\u003ccode\u003e61b8186\u003c/code\u003e\u003c/a\u003e Linting/formatting\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/plotly.js/compare/v3.5.1...v3.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `stream-json` from 3.1.0 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/64bebf86f3c4979bde4e81394f6ca60afe37dea5\"\u003e\u003ccode\u003e64bebf8\u003c/code\u003e\u003c/a\u003e Updated deps.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/21bf254b41721d9f7aa208ccd67de898eeee2889\"\u003e\u003ccode\u003e21bf254\u003c/code\u003e\u003c/a\u003e New version: 3.3.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/59ab722661a7f94a820c5f03a660f3e53f282c3c\"\u003e\u003ccode\u003e59ab722\u003c/code\u003e\u003c/a\u003e JSONC parser emits comma and stringer can consume it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/01e1390fe65c9b7f9a227b1b91d2f72ff97ef899\"\u003e\u003ccode\u003e01e1390\u003c/code\u003e\u003c/a\u003e Added \u003ccode\u003etrailingComma\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/00b34eabae657e0d08d7e5f31788962c780fc686\"\u003e\u003ccode\u003e00b34ea\u003c/code\u003e\u003c/a\u003e Cleaned up JSONL.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/2da75f5f87faf2004f0630daeafc6d3bd1e37ee0\"\u003e\u003ccode\u003e2da75f5\u003c/code\u003e\u003c/a\u003e Delegated JSONL to \u003ccode\u003estream-chain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/9d9b2a4c244292197c9ca52ebe0c8c7b421f3a5c\"\u003e\u003ccode\u003e9d9b2a4\u003c/code\u003e\u003c/a\u003e Added file adapters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/edd0b85f2d5b2a42d4445de789330ec206831792\"\u003e\u003ccode\u003eedd0b85\u003c/code\u003e\u003c/a\u003e Switched to char parsing for comments.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/09c435f8dfc6483dedcc295ce0e4a26165aa02e1\"\u003e\u003ccode\u003e09c435f\u003c/code\u003e\u003c/a\u003e Updated docs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/d51498b257c6ec4e98784f50b6d73c847ce67c12\"\u003e\u003ccode\u003ed51498b\u003c/code\u003e\u003c/a\u003e Fixed stringer export.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uhop/stream-json/compare/3.1.0...3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vue-router` from 5.0.7 to 5.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/router/releases\"\u003evue-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTyped definePage params.path  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vuejs/router/issues/2716\"\u003evuejs/router#2716\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/d65de749\"\u003e\u003c!-- raw HTML omitted --\u003e(d65de)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStrict type for definePage param default  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/0ae10cdd\"\u003e\u003c!-- raw HTML omitted --\u003e(0ae10)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport raw param parsers  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/eadec558\"\u003e\u003c!-- raw HTML omitted --\u003e(eadec)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eForce array type raw param parsers  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/7a68b87c\"\u003e\u003c!-- raw HTML omitted --\u003e(7a68b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow overriding the global Router type  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/1cd93b33\"\u003e\u003c!-- raw HTML omitted --\u003e(1cd93)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit runtime warning for invalid format in query params  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/8259a09c\"\u003e\u003c!-- raw HTML omitted --\u003e(8259a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOverride useRouter() return with experimental types config  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/39a344f7\"\u003e\u003c!-- raw HTML omitted --\u003e(39a34)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow string as a param parser for convenience  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/be37b798\"\u003e\u003c!-- raw HTML omitted --\u003e(be37b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix auto import fixes and make experimental esm only  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/db3a6b37\"\u003e\u003c!-- raw HTML omitted --\u003e(db3a6)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeterministic param parser types order  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/bf0fc9b6\"\u003e\u003c!-- raw HTML omitted --\u003e(bf0fc)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid importing unused param parsers  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/41c00e7c\"\u003e\u003c!-- raw HTML omitted --\u003e(41c00)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFilter invalid query params without failing to match  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/db7178a5\"\u003e\u003c!-- raw HTML omitted --\u003e(db717)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDetect not set format  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/aa89e2ee\"\u003e\u003c!-- raw HTML omitted --\u003e(aa89e)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow undefined values for params in query  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/4726e2b6\"\u003e\u003c!-- raw HTML omitted --\u003e(4726e)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexperimental\u003c/strong\u003e: Repeatable params in subsegments  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/846640e4\"\u003e\u003c!-- raw HTML omitted --\u003e(84664)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes\u003c/strong\u003e: Add vite as optional peer dependency  -  by \u003ca href=\"https://github.com/ForgottenR\"\u003e\u003ccode\u003e@​ForgottenR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eshihuijie\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vuejs/router/issues/2712\"\u003evuejs/router#2712\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/facbf6b1\"\u003e\u003c!-- raw HTML omitted --\u003e(facbf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vuejs/router/compare/v5.0.7...v5.1.0\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/c0e3226dabccd7596b996ce851386997ea2d3cca\"\u003e\u003ccode\u003ec0e3226\u003c/code\u003e\u003c/a\u003e release: vue-router@5.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/9ca76720bb7189dbfda1f2cf6255b876517d121c\"\u003e\u003ccode\u003e9ca7672\u003c/code\u003e\u003c/a\u003e chore: fix playgroundc usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/315cc09e6779615434186272503aba71684f7bc4\"\u003e\u003ccode\u003e315cc09\u003c/code\u003e\u003c/a\u003e refactor(experimental): remove defineQueryParamParser and definePathParamParser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/7fa42f455d5fb660b7035722bd9ee373b590cbfb\"\u003e\u003ccode\u003e7fa42f4\u003c/code\u003e\u003c/a\u003e docs: fix gen and dead links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/1b3a0683cbe7d95b5aadaea3b19a435c70489c53\"\u003e\u003ccode\u003e1b3a068\u003c/code\u003e\u003c/a\u003e refactor: organize imports and exports add back Router\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/665be2dda8e770a7e9a2136c9692cf80519ab133\"\u003e\u003ccode\u003e665be2d\u003c/code\u003e\u003c/a\u003e docs: links update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/5d79bd2b9c18db12f87d83e41c014efc10e617c9\"\u003e\u003ccode\u003e5d79bd2\u003c/code\u003e\u003c/a\u003e chore: unused param\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/9ccf3d1758ee53eabe781ceabb46287f645ffa18\"\u003e\u003ccode\u003e9ccf3d1\u003c/code\u003e\u003c/a\u003e docs: experimental\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/eee8ac6c6aee19b05910ae4147faae122869b186\"\u003e\u003ccode\u003eeee8ac6\u003c/code\u003e\u003c/a\u003e chore: playground param parsers testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/0194b85b7275ee172024baed3da6fb180a1bda2b\"\u003e\u003ccode\u003e0194b85\u003c/code\u003e\u003c/a\u003e build: build before test:types\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vuejs/router/compare/v5.0.7...v5.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vuetify` from 4.0.7 to 4.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuetifyjs/vuetify/releases\"\u003evuetify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.8\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!CAUTION]\nVuetify Needs Your Support! The OpenCollective funds dried up. We are currently \u003cstrong\u003eunable to compensate our contributors\u003c/strong\u003e for their continued work on the framework and the ecosystem tools.\u003c/p\u003e\n\u003cp\u003eIf Vuetify is part of your stack, please consider sponsoring the project so we can continue delivering updates and fixes.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ca href=\"https://opencollective.com/vuetify\"\u003eSponsor via Open Collective\u003c/a\u003e\u003c/strong\u003e | \u003cstrong\u003e\u003ca href=\"https://github.com/sponsors/johnleider\"\u003eSponsor via GitHub\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eWhat happens when you open source project depends on unpaid labor:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ereleases appear less frequently\u003c/li\u003e\n\u003cli\u003ehard bugs get sidelined because nobody can afford the time to fix them\u003c/li\u003e\n\u003cli\u003emaintainers burn out from juggling day jobs with the framework you depend on\u003c/li\u003e\n\u003cli\u003eroadmap targets are moved\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eEvery contribution helps us keep Vuetify alive and ship exciting new features.\u003c/p\u003e\n\u003cp\u003eThank you.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch3\u003e:wrench: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etheme:\u003c/strong\u003e support transparent hex color for CSS variables (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22875\"\u003e#22875\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/a986920876beb7f0c8e90f1b44848b942fe535e4\"\u003ea986920\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22865\"\u003e#22865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVAutocomplete/VCombobox:\u003c/strong\u003e click in empty space should not close menu (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22754\"\u003e#22754\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/d8b16d4f793a813baabdceaf6171750d940bdf06\"\u003ed8b16d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVBtnToggle:\u003c/strong\u003e restore active overlay when no color is set (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/70804c2955d1beca7af60b9c001492d432fc6c51\"\u003e70804c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22856\"\u003e#22856\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVOverlay:\u003c/strong\u003e restore focus without preventing Enter keydown (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22276\"\u003e#22276\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/f4d376ddc9542a50fb6c32c1867536e431d92927\"\u003ef4d376d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/19872\"\u003e#19872\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22387\"\u003e#22387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVOverlay:\u003c/strong\u003e pull focus to trap when it biefly escapes (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/5d52b80a0378c017a8f8215abf1eeb96fef0f470\"\u003e5d52b80\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22322\"\u003e#22322\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVSelect/VAutocomplete/VCombobox:\u003c/strong\u003e keep menu open when scrolling (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22877\"\u003e#22877\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/300af6dd811ad78ebe51821284aae5fd4f5ea66b\"\u003e300af6d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22850\"\u003e#22850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVSwitch:\u003c/strong\u003e suppress user-agent styles to avoid click dead-zone (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/3e16cc04c01764921371e2eab41cf84e8cd7af99\"\u003e3e16cc0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:fire: Performance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eVForm:\u003c/strong\u003e avoid eager .value reads in default slot props (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22846\"\u003e#22846\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/43696084b969fa884a2f3b6f6f8797703293343f\"\u003e4369608\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22816\"\u003e#22816\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/fe43accf33123984d7afca86369cbc2048e604da\"\u003e\u003ccode\u003efe43acc\u003c/code\u003e\u003c/a\u003e chore(release): publish v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/b16628512cf52b6bf492bd14be2e604b2dcc18e1\"\u003e\u003ccode\u003eb166285\u003c/code\u003e\u003c/a\u003e chore(VCombobox): fix flaky test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/300af6dd811ad78ebe51821284aae5fd4f5ea66b\"\u003e\u003ccode\u003e300af6d\u003c/code\u003e\u003c/a\u003e fix(VSelect/VAutocomplete/VCombobox): keep menu open when scrolling (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22877\"\u003e#22877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/d8b16d4f793a813baabdceaf6171750d940bdf06\"\u003e\u003ccode\u003ed8b16d4\u003c/code\u003e\u003c/a\u003e fix(VAutocomplete/VCombobox): click in empty space should not close menu (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22\"\u003e#22\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/f4d376ddc9542a50fb6c32c1867536e431d92927\"\u003e\u003ccode\u003ef4d376d\u003c/code\u003e\u003c/a\u003e fix(VOverlay): restore focus without preventing Enter keydown (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22276\"\u003e#22276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/a986920876beb7f0c8e90f1b44848b942fe535e4\"\u003e\u003ccode\u003ea986920\u003c/code\u003e\u003c/a\u003e fix(theme): support transparent hex color for CSS variables (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22875\"\u003e#22875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/43696084b969fa884a2f3b6f6f8797703293343f\"\u003e\u003ccode\u003e4369608\u003c/code\u003e\u003c/a\u003e perf(VForm): avoid eager .value reads in default slot props (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22846\"\u003e#22846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/3e16cc04c01764921371e2eab41cf84e8cd7af99\"\u003e\u003ccode\u003e3e16cc0\u003c/code\u003e\u003c/a\u003e fix(VSwitch): suppress user-agent styles to avoid click dead-zone\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/5d52b80a0378c017a8f8215abf1eeb96fef0f470\"\u003e\u003ccode\u003e5d52b80\u003c/code\u003e\u003c/a\u003e fix(VOverlay): pull focus to trap when it biefly escapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/70804c2955d1beca7af60b9c001492d432fc6c51\"\u003e\u003ccode\u003e70804c2\u003c/code\u003e\u003c/a\u003e fix(VBtnToggle): restore active overlay when no color is set\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vuetifyjs/vuetify/commits/v4.0.8/packages/vuetify\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/berntpopp/VarLens/pull/252","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/berntpopp%2FVarLens/issues/252","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/252/packages"},{"uuid":"4544297545","node_id":"PR_kwDORu7QIs7gblj9","number":773,"state":"open","title":"chore(deps): bump @fastify/static from 8.3.0 to 9.1.1","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T22:37:47.000Z","updated_at":"2026-05-29T04:00:14.913Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"@fastify/static","old_version":"8.3.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 8.3.0 to 9.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=8.3.0\u0026new-version=9.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/josephfung/curia/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/josephfung/curia/pull/773","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/josephfung%2Fcuria/issues/773","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/773/packages"},{"uuid":"4506421245","node_id":"PR_kwDOSlZRTs7eiQTf","number":6,"state":"closed","title":"deps(server): bump @fastify/static from 8.3.0 to 9.1.1 in /server","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T03:54:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T01:36:10.000Z","updated_at":"2026-05-23T03:54:13.000Z","time_to_close":8281,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(server)","packages":[{"name":"@fastify/static","old_version":"8.3.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"}],"path":"/server","ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 8.3.0 to 9.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=8.3.0\u0026new-version=9.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/tesseractAZ/ecoflow-panel/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/tesseractAZ/ecoflow-panel/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesseractAZ%2Fecoflow-panel/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4498947752","node_id":"PR_kwDONiT-TM7eKI6p","number":1,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 27 updates","user":"dependabot[bot]","labels":["dependencies","javascript","packages/backend","packages/frontend"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T01:05:34.000Z","updated_at":"2026-05-22T01:07:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":27,"packages":[{"name":"vite","old_version":"7.2.2","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"@fastify/express","old_version":"4.0.2","new_version":"4.0.5","repository_url":"https://github.com/fastify/fastify-express"},{"name":"@fastify/static","old_version":"8.3.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@nestjs/core","old_version":"11.1.9","new_version":"11.1.18","repository_url":"https://github.com/nestjs/nest"},{"name":"fastify","old_version":"5.6.2","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"file-type","old_version":"21.1.1","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"happy-dom","old_version":"20.0.10","new_version":"20.8.9","repository_url":"https://github.com/capricorn86/happy-dom"},{"name":"jsrsasign","old_version":"11.1.0","new_version":"11.1.1","repository_url":"https://github.com/kjur/jsrsasign"},{"name":"nodemailer","old_version":"7.0.10","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"rollup","old_version":"4.53.3","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"systeminformation","old_version":"5.27.11","new_version":"5.31.6","repository_url":"https://github.com/sebhildebrandt/systeminformation"},{"name":"tar","old_version":"7.5.2","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@xmldom/xmldom","old_version":"0.9.8","new_version":"0.9.10","repository_url":"https://github.com/xmldom/xmldom"},{"name":"axios","old_version":"0.24.0","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.2.5","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"immutable","old_version":"5.1.4","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"ip-address","old_version":"9.0.5","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"picomatch","old_version":"2.3.1","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"svgo","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/svg/svgo"},{"name":"undici","old_version":"5.29.0","new_version":"7.25.0","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /scripts/changelog-checker directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [rollup](https://github.com/rollup/rollup) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 26 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.2.2` | `7.3.2` |\n| [@fastify/express](https://github.com/fastify/fastify-express) | `4.0.2` | `4.0.5` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.3.0` | `9.1.1` |\n| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.1.9` | `11.1.18` |\n| [fastify](https://github.com/fastify/fastify) | `5.6.2` | `5.8.5` |\n| [file-type](https://github.com/sindresorhus/file-type) | `21.1.1` | `21.3.2` |\n| [happy-dom](https://github.com/capricorn86/happy-dom) | `20.0.10` | `20.8.9` |\n| [jsrsasign](https://github.com/kjur/jsrsasign) | `11.1.0` | `11.1.1` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.10` | `8.0.5` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.10` |\n| [rollup](https://github.com/rollup/rollup) | `4.53.3` | `4.59.0` |\n| [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `5.27.11` | `5.31.6` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.2` | `7.5.11` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.9.8` | `0.9.10` |\n| [axios](https://github.com/axios/axios) | `0.24.0` | `1.16.1` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.2.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.4` | `5.1.5` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `9.0.5` | `10.2.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `4.0.4` |\n| [svgo](https://github.com/svg/svgo) | `4.0.0` | `4.0.1` |\n| [undici](https://github.com/nodejs/undici) | `5.29.0` | `7.25.0` |\n\n\nUpdates `vite` from 7.2.2 to 7.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eNote: 7.2.5 failed to publish so it is skipped on npm\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.4/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.0...v7.3.1\"\u003e7.3.1\u003c/a\u003e (2026-01-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21364\"\u003e#21364\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e9d39d37\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.7...v7.3.0\"\u003e7.3.0\u003c/a\u003e (2025-12-15)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21183\"\u003e#21183\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003ecff26ec\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.6...v7.2.7\"\u003e7.2.7\u003c/a\u003e (2025-12-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplugin shortcut support (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21211\"\u003e#21211\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/721f16343d9555ae8fc71a2e5354b22e12ff0dc3\"\u003e721f163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.5...v7.2.6\"\u003e7.2.6\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.4...v7.2.5\"\u003e7.2.5\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econfig:\u003c/strong\u003e handle shebang properly (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21158\"\u003e#21158\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/df5a30d2690a2ebc4824a79becdcef30538dc602\"\u003edf5a30d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21146\"\u003e#21146\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/a3cd262f37228967e455617e982b35fccc49ffe9\"\u003ea3cd262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21175\"\u003e#21175\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/72e398a46d8d2f54fbcbeb9ff0dceab346aeb642\"\u003e72e398a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eexternal: true\u003c/code\u003e merging (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21164\"\u003e#21164\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ef557a96c4a1f2b3a3aa25c12df3ee87b4a03f5\"\u003e5ef557a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eshortcuts not rebound after server restart (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21166\"\u003e#21166\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3765f7baea36234bf3816eeed38776d27bfd3649\"\u003e3765f7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e replace debug with obug (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21137\"\u003e#21137\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/203a5512a42a1031f685993f5d9cbae5f328354f\"\u003e203a551\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclarify manifest.json \u003ccode\u003eimports\u003c/code\u003e field is JS chunks only (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21136\"\u003e#21136\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/46d3077f2b63771cc50230bc907c48f5773c00fb\"\u003e46d3077\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21174\"\u003e#21174\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/74559c947483a8ee24da052ac2d9568f7cb3546a\"\u003e74559c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.3...v7.2.4\"\u003e7.2.4\u003c/a\u003e (2025-11-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/95e8923f35d0252c9f6eb2d5e358c084542706f1\"\u003e\u003ccode\u003e95e8923\u003c/code\u003e\u003c/a\u003e release: v7.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e\u003ccode\u003e9d39d37\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/acf7e05eaeb18e98f5e19e2d3e648950726f20d1\"\u003e\u003ccode\u003eacf7e05\u003c/code\u003e\u003c/a\u003e release: v7.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003e\u003ccode\u003ecff26ec\u003c/code\u003e\u003c/a\u003e feat(deps): update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.3/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.53.3 to 4.60.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.60.4\u003c/h2\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove stability of chunk hashes (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6362\"\u003e#6362\u003c/a\u003e: fix: stabilize chunk assignment across parallel file reads (\u003ca href=\"https://github.com/sonukapoor\"\u003e\u003ccode\u003e@​sonukapoor\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/Sonu\"\u003e\u003ccode\u003e@​Sonu\u003c/code\u003e\u003c/a\u003e Kapoor, \u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6370\"\u003e#6370\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6371\"\u003e#6371\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6372\"\u003e#6372\u003c/a\u003e: chore(deps): update react monorepo to v19 (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6373\"\u003e#6373\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6375\"\u003e#6375\u003c/a\u003e: Resolve vulnerabilities (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.60.2\u003c/h2\u003e\n\u003ch2\u003e4.60.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-04-18\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve a variable rendering bug when generating different formats from the same build (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6350\"\u003e#6350\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6327\"\u003e#6327\u003c/a\u003e: docs: fix various typos in source and documentation (\u003ca href=\"https://github.com/Abhi3975\"\u003e\u003ccode\u003e@​Abhi3975\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6331\"\u003e#6331\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6332\"\u003e#6332\u003c/a\u003e: chore(deps): update codecov/codecov-action action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6333\"\u003e#6333\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v64 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6334\"\u003e#6334\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v51 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6335\"\u003e#6335\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6346\"\u003e#6346\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6347\"\u003e#6347\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6348\"\u003e#6348\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6349\"\u003e#6349\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6350\"\u003e#6350\u003c/a\u003e: fix: reset variable render names between outputs in the same generate (\u003ca href=\"https://github.com/barry3406\"\u003e\u003ccode\u003e@​barry3406\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6351\"\u003e#6351\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6352\"\u003e#6352\u003c/a\u003e: chore(deps): update cross-platform-actions/action action to v1 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6353\"\u003e#6353\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6354\"\u003e#6354\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6355\"\u003e#6355\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6356\"\u003e#6356\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6358\"\u003e#6358\u003c/a\u003e: chore: remove cross-env from devDeps (\u003ca href=\"https://github.com/K-tecchan\"\u003e\u003ccode\u003e@​K-tecchan\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.60.1\u003c/h2\u003e\n\u003ch2\u003e4.60.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove stability of chunk hashes (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6362\"\u003e#6362\u003c/a\u003e: fix: stabilize chunk assignment across parallel file reads (\u003ca href=\"https://github.com/sonukapoor\"\u003e\u003ccode\u003e@​sonukapoor\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/Sonu\"\u003e\u003ccode\u003e@​Sonu\u003c/code\u003e\u003c/a\u003e Kapoor, \u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6370\"\u003e#6370\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6371\"\u003e#6371\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6372\"\u003e#6372\u003c/a\u003e: chore(deps): update react monorepo to v19 (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6373\"\u003e#6373\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6375\"\u003e#6375\u003c/a\u003e: Resolve vulnerabilities (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-04\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure nested \u0026quot;exports\u0026quot; variables are not renamed (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6360\"\u003e#6360\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6360\"\u003e#6360\u003c/a\u003e: fix: do not rename nested \u0026quot;exports\u0026quot; bindings that do not conflict (\u003ca href=\"https://github.com/tariqrafique\"\u003e\u003ccode\u003e@​tariqrafique\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6364\"\u003e#6364\u003c/a\u003e: chore(deps): update msys2/setup-msys2 digest to e989830 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6365\"\u003e#6365\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6366\"\u003e#6366\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6367\"\u003e#6367\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6368\"\u003e#6368\u003c/a\u003e: docs: add missing backticks in \u003ccode\u003eplugin-development\u003c/code\u003e (\u003ca href=\"https://github.com/lumirlumir\"\u003e\u003ccode\u003e@​lumirlumir\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-04-18\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve a variable rendering bug when generating different formats from the same build (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6350\"\u003e#6350\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6327\"\u003e#6327\u003c/a\u003e: docs: fix various typos in source and documentation (\u003ca href=\"https://github.com/Abhi3975\"\u003e\u003ccode\u003e@​Abhi3975\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6331\"\u003e#6331\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6332\"\u003e#6332\u003c/a\u003e: chore(deps): update codecov/codecov-action action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6333\"\u003e#6333\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v64 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6334\"\u003e#6334\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v51 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6335\"\u003e#6335\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d311a84b0bb4d4a6f50d19ffd2c29cca28660c88\"\u003e\u003ccode\u003ed311a84\u003c/code\u003e\u003c/a\u003e 4.60.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/6aa324854482e273b711972955d2d1b3bb445bcc\"\u003e\u003ccode\u003e6aa3248\u003c/code\u003e\u003c/a\u003e fix: stabilize chunk assignment across parallel file reads (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/82a0fe76b1372a2cf509fc4067d69f25569b83f5\"\u003e\u003ccode\u003e82a0fe7\u003c/code\u003e\u003c/a\u003e Resolve vulnerabilities (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6375\"\u003e#6375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/71f5ebc893d7ff76b5571d63b04ea2ed4a4ddd9d\"\u003e\u003ccode\u003e71f5ebc\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6371\"\u003e#6371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/af91d778cdf564dd1ae1bfd6e92604ec031824a7\"\u003e\u003ccode\u003eaf91d77\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6373\"\u003e#6373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/65e7b94ddda9f02334fa8f12ff6bf699c1f07833\"\u003e\u003ccode\u003e65e7b94\u003c/code\u003e\u003c/a\u003e chore(deps): update react monorepo to v19 (major) (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6372\"\u003e#6372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/642587f3d9c5b4aa482a5027672f0fa8ea76da12\"\u003e\u003ccode\u003e642587f\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6370\"\u003e#6370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b47bdabeccbb7aa1b1d4117f2f4a781a9f6de297\"\u003e\u003ccode\u003eb47bdab\u003c/code\u003e\u003c/a\u003e 4.60.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/15c5f33083c8c6b1b2cbae548124fffbba2553bb\"\u003e\u003ccode\u003e15c5f33\u003c/code\u003e\u003c/a\u003e Add again some unneeded dev dependencies, to make some builds succeed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/12195dcebbd21f0f2d91e26720cd053526edbfe3\"\u003e\u003ccode\u003e12195dc\u003c/code\u003e\u003c/a\u003e fix: do not rename nested \u0026quot;exports\u0026quot; bindings that do not conflict (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6360\"\u003e#6360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.53.3...v4.60.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.2.2 to 7.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eNote: 7.2.5 failed to publish so it is skipped on npm\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.4/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.0...v7.3.1\"\u003e7.3.1\u003c/a\u003e (2026-01-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21364\"\u003e#21364\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e9d39d37\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.7...v7.3.0\"\u003e7.3.0\u003c/a\u003e (2025-12-15)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21183\"\u003e#21183\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003ecff26ec\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.6...v7.2.7\"\u003e7.2.7\u003c/a\u003e (2025-12-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplugin shortcut support (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21211\"\u003e#21211\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/721f16343d9555ae8fc71a2e5354b22e12ff0dc3\"\u003e721f163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.5...v7.2.6\"\u003e7.2.6\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.4...v7.2.5\"\u003e7.2.5\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econfig:\u003c/strong\u003e handle shebang properly (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21158\"\u003e#21158\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/df5a30d2690a2ebc4824a79becdcef30538dc602\"\u003edf5a30d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21146\"\u003e#21146\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/a3cd262f37228967e455617e982b35fccc49ffe9\"\u003ea3cd262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21175\"\u003e#21175\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/72e398a46d8d2f54fbcbeb9ff0dceab346aeb642\"\u003e72e398a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eexternal: true\u003c/code\u003e merging (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21164\"\u003e#21164\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ef557a96c4a1f2b3a3aa25c12df3ee87b4a03f5\"\u003e5ef557a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eshortcuts not rebound after server restart (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21166\"\u003e#21166\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3765f7baea36234bf3816eeed38776d27bfd3649\"\u003e3765f7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e replace debug with obug (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21137\"\u003e#21137\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/203a5512a42a1031f685993f5d9cbae5f328354f\"\u003e203a551\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclarify manifest.json \u003ccode\u003eimports\u003c/code\u003e field is JS chunks only (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21136\"\u003e#21136\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/46d3077f2b63771cc50230bc907c48f5773c00fb\"\u003e46d3077\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21174\"\u003e#21174\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/74559c947483a8ee24da052ac2d9568f7cb3546a\"\u003e74559c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.3...v7.2.4\"\u003e7.2.4\u003c/a\u003e (2025-11-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/95e8923f35d0252c9f6eb2d5e358c084542706f1\"\u003e\u003ccode\u003e95e8923\u003c/code\u003e\u003c/a\u003e release: v7.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e\u003ccode\u003e9d39d37\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/acf7e05eaeb18e98f5e19e2d3e648950726f20d1\"\u003e\u003ccode\u003eacf7e05\u003c/code\u003e\u003c/a\u003e release: v7.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003e\u003ccode\u003ecff26ec\u003c/code\u003e\u003c/a\u003e feat(deps): update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.3/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/express` from 4.0.2 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-express/releases\"\u003e@​fastify/express's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33807 \u003ca href=\"https://github.com/fastify/fastify-express/security/advisories/GHSA-hrwm-hgmj-7p9c\"\u003ehttps://github.com/fastify/fastify-express/security/advisories/GHSA-hrwm-hgmj-7p9c\u003c/a\u003e.\nThis fixes CVE CVE-2026-33808 \u003ca href=\"https://github.com/fastify/fastify-express/security/advisories/GHSA-6hw5-45gm-fj88\"\u003ehttps://github.com/fastify/fastify-express/security/advisories/GHSA-6hw5-45gm-fj88\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump express from 4.22.1 to 5.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/179\"\u003efastify/fastify-express#179\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/181\"\u003efastify/fastify-express#181\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump c8 from 10.1.3 to 11.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/183\"\u003efastify/fastify-express#183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/182\"\u003efastify/fastify-express#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/185\"\u003efastify/fastify-express#185\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/187\"\u003efastify/fastify-express#187\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/188\"\u003efastify/fastify-express#188\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/181\"\u003efastify/fastify-express#181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-express/compare/v4.0.4...v4.0.5\"\u003ehttps://github.com/fastify/fastify-express/compare/v4.0.4...v4.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: decode url with query params by \u003ca href=\"https://github.com/nolway\"\u003e\u003ccode\u003e@​nolway\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/178\"\u003efastify/fastify-express#178\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolway\"\u003e\u003ccode\u003e@​nolway\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/178\"\u003efastify/fastify-express#178\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-express/compare/v4.0.3...v4.0.4\"\u003ehttps://github.com/fastify/fastify-express/compare/v4.0.3...v4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(dependabot): reduce npm updates to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/157\"\u003efastify/fastify-express#157\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: rename master to main by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/158\"\u003efastify/fastify-express#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: migrate to node test runner by \u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/159\"\u003efastify/fastify-express#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): set job permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/161\"\u003efastify/fastify-express#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): update plugin version syntax by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/162\"\u003efastify/fastify-express#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set permissions at workflow level by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/163\"\u003efastify/fastify-express#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore job level permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/164\"\u003efastify/fastify-express#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump express from 4.21.2 to 5.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/166\"\u003efastify/fastify-express#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump serve-static from 1.16.2 to 2.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/165\"\u003efastify/fastify-express#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.31.2 to 0.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/168\"\u003efastify/fastify-express#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): update date ranges; standardise style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/169\"\u003efastify/fastify-express#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/171\"\u003efastify/fastify-express#171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/172\"\u003efastify/fastify-express#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/170\"\u003efastify/fastify-express#170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: decode paths before matching by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/174\"\u003efastify/fastify-express#174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore express4 by \u003ca href=\"https://github.com/Eomm\"\u003e\u003ccode\u003e@​Eomm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/176\"\u003efastify/fastify-express#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/159\"\u003efastify/fastify-express#159\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/f52f4476cbd874a9526027082b9e075d3bff63ac\"\u003e\u003ccode\u003ef52f447\u003c/code\u003e\u003c/a\u003e Bumped v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/c4e49b5244fcfadb38dc08e9b1808c5d759021a2\"\u003e\u003ccode\u003ec4e49b5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/674020f27ddc1d1709e4369cb40158d4c958d42b\"\u003e\u003ccode\u003e674020f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/96eb39be998436e639401ce763941a919145b8ad\"\u003e\u003ccode\u003e96eb39b\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/188\"\u003e#188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/65ddc99fba34f9f1561435daa08dd654f126bd46\"\u003e\u003ccode\u003e65ddc99\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/187\"\u003e#187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/2746f1f040a9b57b24481d4e0dbbedbf05ca234e\"\u003e\u003ccode\u003e2746f1f\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/185\"\u003e#185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/cce14b12102da13f84cedf21cdf18b2ac75676e7\"\u003e\u003ccode\u003ecce14b1\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/182\"\u003e#182\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/70a809411d0f4d4b4a0993c45bd9881e0b427847\"\u003e\u003ccode\u003e70a8094\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump c8 from 10.1.3 to 11.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/183\"\u003e#183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/6f627c610007c0985d9af80f8dff072b9d21ee37\"\u003e\u003ccode\u003e6f627c6\u003c/code\u003e\u003c/a\u003e ci: remove stale.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/181\"\u003e#181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/fa4a726d0be418a1ce2ee7abe88250cce8213ea4\"\u003e\u003ccode\u003efa4a726\u003c/code\u003e\u003c/a\u003e build(deps): bump express from 4.22.1 to 5.2.1 (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/179\"\u003e#179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-express/compare/v4.0.2...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~climba03003\"\u003eclimba03003\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fastify/express\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 8.3.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@nestjs/core` from 11.1.9 to 11.1.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nestjs/nest/releases\"\u003e@​nestjs/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.1.18 (2026-04-03)\u003c/h2\u003e\n\u003ch4\u003eBug fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emicroservices\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16675\"\u003e#16675\u003c/a\u003e fix(microservices): preserve packet headers in nats serializer (\u003ca href=\"https://github.com/wwenrr\"\u003e\u003ccode\u003e@​wwenrr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecore\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16683\"\u003e#16683\u003c/a\u003e fix(core): prevent injector hang when design:paramtypes is missing (\u003ca href=\"https://github.com/Youmoo\"\u003e\u003ccode\u003e@​Youmoo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16637\"\u003e#16637\u003c/a\u003e fix(core): dependency injection edge case with moduleref.create (\u003ca href=\"https://github.com/JakobStaudinger\"\u003e\u003ccode\u003e@​JakobStaudinger\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16686\"\u003enestjs/nest#16686\u003c/a\u003e fix(core): sanitize sse message\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecore\u003c/code\u003e, \u003ccode\u003eplatform-express\u003c/code\u003e, \u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16679\"\u003e#16679\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.2 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16623\"\u003e#16623\u003c/a\u003e fix(deps): update dependency fastify to v5.8.4 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eplatform-ws\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16618\"\u003e#16618\u003c/a\u003e chore(deps): bump ws from 8.19.0 to 8.20.0 (\u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecommon\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16619\"\u003e#16619\u003c/a\u003e chore(deps): bump file-type from 21.3.3 to 21.3.4 (\u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAnkit San (\u003ca href=\"https://github.com/ankitbelal\"\u003e\u003ccode\u003e@​ankitbelal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eJakob Staudinger (\u003ca href=\"https://github.com/JakobStaudinger\"\u003e\u003ccode\u003e@​JakobStaudinger\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKamil Mysliwiec (\u003ca href=\"https://github.com/kamilmysliwiec\"\u003e\u003ccode\u003e@​kamilmysliwiec\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKrishna Chaitanya (\u003ca href=\"https://github.com/Krishnachaitanyakc\"\u003e\u003ccode\u003e@​Krishnachaitanyakc\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMK (\u003ca href=\"https://github.com/wwenrr\"\u003e\u003ccode\u003e@​wwenrr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eyoumoo (\u003ca href=\"https://github.com/Youmoo\"\u003e\u003ccode\u003e@​Youmoo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev11.1.17 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003eEnhancements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emicroservices\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16218\"\u003e#16218\u003c/a\u003e feat(microservices): add redis driver identification (\u003ca href=\"https://github.com/vchomakov\"\u003e\u003ccode\u003e@​vchomakov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eBugs\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eauto-run middleware for HEAD requests as fastify redirects them to GET handlers (effectively skipping middleware execution) \u003ca href=\"https://github.com/nestjs/nest/commit/cbdf737cd6e7cefa52d05ecea2ae4af95c464614\"\u003ehttps://github.com/nestjs/nest/commit/cbdf737cd6e7cefa52d05ecea2ae4af95c464614\u003c/a\u003e (\u003ca href=\"https://github.com/kamilmysliwiec\"\u003e\u003ccode\u003e@​kamilmysliwiec\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecommon\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16567\"\u003e#16567\u003c/a\u003e fix(deps): update dependency file-type to v21.3.2 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16533\"\u003e#16533\u003c/a\u003e fix(deps): update dependency fastify to v5.8.2 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRohan Santhosh Kumar (\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVasil Chomakov (\u003ca href=\"https://github.com/vchomakov\"\u003e\u003ccode\u003e@​vchomakov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKamil Mysliwiec (\u003ca href=\"https://github.com/kamilmysliwiec\"\u003e\u003ccode\u003e@​kamilmysliwiec\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/3c1cc5f91e95fcec27c3694cd42a08a50e85cc5f\"\u003e\u003ccode\u003e3c1cc5f\u003c/code\u003e\u003c/a\u003e chore(release): publish v11.1.18 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/0f962c75a474b08fbc1bdf072b89eda14151c856\"\u003e\u003ccode\u003e0f962c7\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sse message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/94aa4242f622d6f6b071c35dbcd90e0f2f3f32de\"\u003e\u003ccode\u003e94aa424\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/nestjs/nest/tree/HEAD/packages/core/issues/16679\"\u003e#16679\u003c/a\u003e from nestjs/renovate/path-to-regexp-8.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/368691c35fa221b68baad8d4e569d9d8685c0ea1\"\u003e\u003ccode\u003e368691c\u003c/code\u003e\u003c/a\u003e fix(core): prevent injector hang when design:paramtypes is missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/25d4fdef37ac20930cc66b1283267651631e26f8\"\u003e\u003ccode\u003e25d4fde\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/5c0b11e20c35c0a5692c16187519982091d57150\"\u003e\u003ccode\u003e5c0b11e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/f7d4460f0b34bd4a70be4552c3ca9e11eaecdb8c\"\u003e\u003ccode\u003ef7d4460\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/nestjs/nest/tree/HEAD/packages/core/issues/16637\"\u003e#16637\u003c/a\u003e from JakobStaudinger/moduleref-create-transient-sco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/d0a9dc97acba4ae7b33d9a46d8941f4ad6b3b914\"\u003e\u003ccode\u003ed0a9dc9\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/46774340b61d8e5751b13ba95a27628267266be3\"\u003e\u003ccode\u003e4677434\u003c/code\u003e\u003c/a\u003e feat(core): export \u003ccode\u003eIEntryNestModule\u003c/code\u003e type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/7493b94647fc51d6d774f1e20f1b2f66c692182f\"\u003e\u003ccode\u003e7493b94\u003c/code\u003e\u003c/a\u003e fix(core): dependency injection edge case with moduleref.create\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nestjs/nest/commits/v11.1.18/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.6.2 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/towan912/misskey/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/towan912%2Fmisskey/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4474588215","node_id":"PR_kwDOSg3iM87c7O-1","number":14,"state":"closed","title":"Bump @fastify/static from 7.0.4 to 9.1.3 in /server","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-19T05:11:19.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T05:10:45.000Z","updated_at":"2026-05-19T05:11:28.000Z","time_to_close":34,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"@fastify/static","old_version":"7.0.4","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"}],"path":"/server","ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 7.0.4 to 9.1.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v7.0.4...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=7.0.4\u0026new-version=9.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/chartmann1590/family-guardian/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/chartmann1590%2Ffamily-guardian/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4472422412","node_id":"PR_kwDOShO_U87c0UPw","number":16,"state":"closed","title":"chore(deps)(deps): Bump the fastify group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-18T20:44:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T20:41:15.000Z","updated_at":"2026-05-18T20:44:15.000Z","time_to_close":171,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): Bump","group_name":"fastify","update_count":3,"packages":[{"name":"@fastify/cookie","old_version":"10.0.1","new_version":"11.0.2","repository_url":"https://github.com/fastify/fastify-cookie"},{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"fastify-type-provider-zod","old_version":"4.0.2","new_version":"6.1.0","repository_url":"https://github.com/turkerdev/fastify-type-provider-zod"}],"path":null,"ecosystem":"npm"},"body":"Bumps the fastify group with 3 updates in the / directory: [@fastify/cookie](https://github.com/fastify/fastify-cookie), [@fastify/static](https://github.com/fastify/fastify-static) and [fastify-type-provider-zod](https://github.com/turkerdev/fastify-type-provider-zod).\n\nUpdates `@fastify/cookie` from 10.0.1 to 11.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-cookie/releases\"\u003e@​fastify/cookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): update ci badge syntax by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/309\"\u003efastify/fastify-cookie#309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): replace standard with neostandard by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/310\"\u003efastify/fastify-cookie#310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: move from tap to node:test by \u003ca href=\"https://github.com/eugleenyc\"\u003e\u003ccode\u003e@​eugleenyc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/306\"\u003efastify/fastify-cookie#306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump neostandard from 0.11.9 to 0.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/311\"\u003efastify/fastify-cookie#311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): add eslint, peer dep of neostandard by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/312\"\u003efastify/fastify-cookie#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): add contribs and funding by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/313\"\u003efastify/fastify-cookie#313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): add compatibility table by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/314\"\u003efastify/fastify-cookie#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: prefix unused params with underscores by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/316\"\u003efastify/fastify-cookie#316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(signer): remove unused catch binding by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/315\"\u003efastify/fastify-cookie#315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): grammar fixes by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/317\"\u003efastify/fastify-cookie#317\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: merge duplicate \u003ccode\u003eFastifyCookieOptions\u003c/code\u003e interface exports by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/318\"\u003efastify/fastify-cookie#318\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eugleenyc\"\u003e\u003ccode\u003e@​eugleenyc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/306\"\u003efastify/fastify-cookie#306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v11.0.1...v11.0.2\"\u003ehttps://github.com/fastify/fastify-cookie/compare/v11.0.1...v11.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove redundant dependency, cookie-signature by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/305\"\u003efastify/fastify-cookie#305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v11.0.0...v11.0.1\"\u003ehttps://github.com/fastify/fastify-cookie/compare/v11.0.0...v11.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efastifyCookieClearCookie sets maxAge to zero by \u003ca href=\"https://github.com/aristofun\"\u003e\u003ccode\u003e@​aristofun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/304\"\u003efastify/fastify-cookie#304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse cookie package again by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/302\"\u003efastify/fastify-cookie#302\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aristofun\"\u003e\u003ccode\u003e@​aristofun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/304\"\u003efastify/fastify-cookie#304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/302\"\u003efastify/fastify-cookie#302\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.0\"\u003ehttps://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/3ff06ef2b08487f3bdcd55218915aceaa8538250\"\u003e\u003ccode\u003e3ff06ef\u003c/code\u003e\u003c/a\u003e 11.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/24a584436a52ecaf4df129437195bfa105929304\"\u003e\u003ccode\u003e24a5844\u003c/code\u003e\u003c/a\u003e types: merge duplicate \u003ccode\u003eFastifyCookieOptions\u003c/code\u003e interface exports (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/318\"\u003e#318\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/b9fcf1350bade8c6cd5f7f4e65ba371e01ee4422\"\u003e\u003ccode\u003eb9fcf13\u003c/code\u003e\u003c/a\u003e docs(readme): grammar fixes (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/a8023cd1608977d8a6866a728920421dac51cb9a\"\u003e\u003ccode\u003ea8023cd\u003c/code\u003e\u003c/a\u003e refactor(signer): remove unused catch binding (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/315\"\u003e#315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/639f778584f4abb5157a3b515ce110e04457b4fa\"\u003e\u003ccode\u003e639f778\u003c/code\u003e\u003c/a\u003e refactor: prefix unused params with underscores (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/316\"\u003e#316\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/0f1acb119b2022d7d58b02375cc4a723c8ad3219\"\u003e\u003ccode\u003e0f1acb1\u003c/code\u003e\u003c/a\u003e docs(readme): add compatibility table (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/645e80b6f5b04c426d88c8f286db8e63d5fc87ea\"\u003e\u003ccode\u003e645e80b\u003c/code\u003e\u003c/a\u003e chore(package): add contribs and funding (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/5e4c22ee572b098c5816b8ec4acff324d988e707\"\u003e\u003ccode\u003e5e4c22e\u003c/code\u003e\u003c/a\u003e build(deps-dev): add eslint, peer dep of neostandard (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/1f2af60d253ab4493d085a142504b9e5dad59570\"\u003e\u003ccode\u003e1f2af60\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump neostandard from 0.11.9 to 0.12.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/311\"\u003e#311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/38913b7ebea774a854b72d01d90d11c9864d1f02\"\u003e\u003ccode\u003e38913b7\u003c/code\u003e\u003c/a\u003e chore: move from tap to node:test (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/306\"\u003e#306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~fdawgs\"\u003efdawgs\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fastify/cookie\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify-type-provider-zod` from 4.0.2 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/turkerdev/fastify-type-provider-zod/releases\"\u003efastify-type-provider-zod's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSignificantly improved compatibility with OpenAPI 3.0 for specification document population;\u003c/li\u003e\n\u003cli\u003eAutomatically switch between OpenAPI 3.0 and 3.1 modes based on the version in the \u003ccode\u003eopenapi\u003c/code\u003e field of the specification document root.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix exports\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to zod v4 API;\u003c/li\u003e\n\u003cli\u003eError response structure revised to reduce duplication\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/turkerdev/fastify-type-provider-zod/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/guiloklex-hub/mm-metricas-unifi/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guiloklex-hub%2Fmm-metricas-unifi/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4466292410","node_id":"PR_kwDOQ1PoDs7cgcUn","number":98,"state":"closed","title":"chore(deps): bump the npm-dependencies group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T04:28:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T04:35:45.000Z","updated_at":"2026-05-25T04:28:54.000Z","time_to_close":604387,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm-dependencies","update_count":15,"packages":[{"name":"@playwright/test","old_version":"1.58.2","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@types/pg","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@fastify/static","old_version":"9.0.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@prisma/adapter-pg","old_version":"7.5.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"@prisma/client","old_version":"7.5.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"dotenv","old_version":"17.3.1","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"fastify","old_version":"5.8.2","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"@types/node","old_version":"25.5.0","new_version":"25.8.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"prisma","old_version":"7.5.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"typescript","old_version":"5.9.3","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"react","old_version":"19.2.4","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.4","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"@vitejs/plugin-react","old_version":"6.0.1","new_version":"6.0.2","repository_url":"https://github.com/vitejs/vite-plugin-react"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-dependencies group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.58.2` | `1.60.0` |\n| [@types/pg](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/pg) | `8.18.0` | `8.20.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.0.0` | `9.1.3` |\n| [@prisma/adapter-pg](https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg) | `7.5.0` | `7.8.0` |\n| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `7.5.0` | `7.8.0` |\n| [dotenv](https://github.com/motdotla/dotenv) | `17.3.1` | `17.4.2` |\n| [fastify](https://github.com/fastify/fastify) | `5.8.2` | `5.8.5` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.0` | `25.8.0` |\n| [prisma](https://github.com/prisma/prisma/tree/HEAD/packages/cli) | `7.5.0` | `7.8.0` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.6` |\n| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.1` | `6.0.2` |\n\n\nUpdates `@playwright/test` from 1.58.2 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.58.2...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/pg` from 8.18.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/pg\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.58.2 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.58.2...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.0.0 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@prisma/adapter-pg` from 7.5.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prisma/prisma/releases\"\u003e@​prisma/adapter-pg's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.8.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.8.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003ch2\u003eORM\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a \u003ccode\u003equeryPlanCacheMaxSize\u003c/code\u003e option to the \u003ccode\u003ePrismaClient\u003c/code\u003e constructor for fine-grained control over the query plan cache. Pass \u003ccode\u003e0\u003c/code\u003e to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an equality filter panic and incorrect \u003ccode\u003e::jsonb\u003c/code\u003e cast when filtering on PostgreSQL JSON list columns. Queries using \u003ccode\u003ewhere: { jsonListField: { equals: [...] } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5804\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed case-insensitive JSON field filtering (\u003ccode\u003emode: insensitive\u003c/code\u003e), allowing \u003ccode\u003ewhere: { jsonField: { equals: \u0026quot;...\u0026quot;, mode: \u0026quot;insensitive\u0026quot; } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5806\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed incorrect parameterization of enum values that have a custom database name set via \u003ccode\u003e@map\u003c/code\u003e. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a database parameter limit check (\u003ccode\u003eP2029\u003c/code\u003e), which could incorrectly reject or miss over-limit queries. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a regression that caused missing SQL Server \u003ccode\u003eVARCHAR\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5801\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSchema Engine\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a misleading error message in \u003ccode\u003eprisma migrate diff\u003c/code\u003e that referenced the \u003ccode\u003e--shadow-database-url\u003c/code\u003e CLI flag, which was removed in Prisma 7. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29455\"\u003e#29455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eprisma migrate dev\u003c/code\u003e (and shadow database migration replay in general) failing with \u003ccode\u003eCREATE INDEX CONCURRENTLY cannot run inside a transaction block\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5799\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form \u003ccode\u003epg_catalog.nextval('sequence_name'::regclass)\u003c/code\u003e instead of the bare \u003ccode\u003enextval(...)\u003c/code\u003e. Columns backed by sequences now correctly appear as \u003ccode\u003e@default(autoincrement())\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5802\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDriver Adapters\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@​prisma/adapter-d1\u003c/code\u003e\u003c/strong\u003e: Savepoint operations (\u003ccode\u003ecreateSavepoint\u003c/code\u003e, \u003ccode\u003erollbackToSavepoint\u003c/code\u003e, \u003ccode\u003ereleaseSavepoint\u003c/code\u003e) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29499\"\u003e#29499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOpen roles at Prisma\u003c/h2\u003e\n\u003cp\u003eInterested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our \u003ca href=\"https://www.prisma.io/careers#current\"\u003eCareers page\u003c/a\u003e and find the role that's right for you.\u003c/p\u003e\n\u003ch2\u003eEnterprise support\u003c/h2\u003e\n\u003cp\u003eThousands of teams use Prisma and many of them already tap into our Enterprise \u0026amp; Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.\u003c/p\u003e\n\u003cp\u003eWith this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: \u003ca href=\"https://prisma.io/enterprise\"\u003ehttps://prisma.io/enterprise\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e7.7.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.7.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/f2ca67e71d82a57dc5324a8cb5e6ed0d903c996a\"\u003e\u003ccode\u003ef2ca67e\u003c/code\u003e\u003c/a\u003e feat: pg statement name generator (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29395\"\u003e#29395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/4131568160a0efe49285991ced9bb2fa4133f50a\"\u003e\u003ccode\u003e4131568\u003c/code\u003e\u003c/a\u003e fix: set \u003ccode\u003e@​types/pg\u003c/code\u003e to ^8.16.0 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29390\"\u003e#29390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/33667c373c0ae84ad37c7aed2497b99452da589c\"\u003e\u003ccode\u003e33667c3\u003c/code\u003e\u003c/a\u003e fix(adapter-pg): handle both quoted/unquoted column names in ColumnNotFound e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/e97b3e0401b234912490852cc10529ff1f83c44b\"\u003e\u003ccode\u003ee97b3e0\u003c/code\u003e\u003c/a\u003e feat(adapter-pg): accept connection string URL in PrismaPg constructor (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29287\"\u003e#29287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prisma/prisma/commits/7.8.0/packages/adapter-pg\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@prisma/client` from 7.5.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prisma/prisma/releases\"\u003e@​prisma/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.8.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.8.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003ch2\u003eORM\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a \u003ccode\u003equeryPlanCacheMaxSize\u003c/code\u003e option to the \u003ccode\u003ePrismaClient\u003c/code\u003e constructor for fine-grained control over the query plan cache. Pass \u003ccode\u003e0\u003c/code\u003e to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an equality filter panic and incorrect \u003ccode\u003e::jsonb\u003c/code\u003e cast when filtering on PostgreSQL JSON list columns. Queries using \u003ccode\u003ewhere: { jsonListField: { equals: [...] } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5804\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed case-insensitive JSON field filtering (\u003ccode\u003emode: insensitive\u003c/code\u003e), allowing \u003ccode\u003ewhere: { jsonField: { equals: \u0026quot;...\u0026quot;, mode: \u0026quot;insensitive\u0026quot; } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5806\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed incorrect parameterization of enum values that have a custom database name set via \u003ccode\u003e@map\u003c/code\u003e. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a database parameter limit check (\u003ccode\u003eP2029\u003c/code\u003e), which could incorrectly reject or miss over-limit queries. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a regression that caused missing SQL Server \u003ccode\u003eVARCHAR\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5801\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSchema Engine\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a misleading error message in \u003ccode\u003eprisma migrate diff\u003c/code\u003e that referenced the \u003ccode\u003e--shadow-database-url\u003c/code\u003e CLI flag, which was removed in Prisma 7. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29455\"\u003e#29455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eprisma migrate dev\u003c/code\u003e (and shadow database migration replay in general) failing with \u003ccode\u003eCREATE INDEX CONCURRENTLY cannot run inside a transaction block\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5799\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form \u003ccode\u003epg_catalog.nextval('sequence_name'::regclass)\u003c/code\u003e instead of the bare \u003ccode\u003enextval(...)\u003c/code\u003e. Columns backed by sequences now correctly appear as \u003ccode\u003e@default(autoincrement())\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5802\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDriver Adapters\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@​prisma/adapter-d1\u003c/code\u003e\u003c/strong\u003e: Savepoint operations (\u003ccode\u003ecreateSavepoint\u003c/code\u003e, \u003ccode\u003erollbackToSavepoint\u003c/code\u003e, \u003ccode\u003ereleaseSavepoint\u003c/code\u003e) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29499\"\u003e#29499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOpen roles at Prisma\u003c/h2\u003e\n\u003cp\u003eInterested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our \u003ca href=\"https://www.prisma.io/careers#current\"\u003eCareers page\u003c/a\u003e and find the role that's right for you.\u003c/p\u003e\n\u003ch2\u003eEnterprise support\u003c/h2\u003e\n\u003cp\u003eThousands of teams use Prisma and many of them already tap into our Enterprise \u0026amp; Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.\u003c/p\u003e\n\u003cp\u003eWith this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: \u003ca href=\"https://prisma.io/enterprise\"\u003ehttps://prisma.io/enterprise\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e7.7.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.7.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/62b44ac01aafbe101dad63abaab7da9747f62839\"\u003e\u003ccode\u003e62b44ac\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-5.e96eae70cf4ade6a15d7e6064d5b0b4f7d835d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/4104864e3fdcf0805562a6e95e318c28f302fd7b\"\u003e\u003ccode\u003e4104864\u003c/code\u003e\u003c/a\u003e feat: add a query plan cache size parameter (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/723ba7b1abda24cc29f535560eaf13087bfd20bc\"\u003e\u003ccode\u003e723ba7b\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-4.8c287008617e9b12f313df99e2c821ae61ea9a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/cadbafe60594b909edbe3aebee7e6af1c1bb6c11\"\u003e\u003ccode\u003ecadbafe\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-2.3187e3937290320ba3c7dbd5aa94af67942b44...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/f7055337b1d1689af8a0680cc38248cb9af7bee2\"\u003e\u003ccode\u003ef705533\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-1.7b80cc56c645c6e03c7541474e6a7c8d91b70d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/fbab4e8ec0359540d8e1bd8b8780ed48ee58cf54\"\u003e\u003ccode\u003efbab4e8\u003c/code\u003e\u003c/a\u003e Fix 29271 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29303\"\u003e#29303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/6a3c3ccf9cc2db7f27bbbf6df9f050fc112dc66e\"\u003e\u003ccode\u003e6a3c3cc\u003c/code\u003e\u003c/a\u003e chore: extract parameterization to client-engine-runtime (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/5b420f897bf7f98b1b826f55ebae334114d70eb7\"\u003e\u003ccode\u003e5b420f8\u003c/code\u003e\u003c/a\u003e fix(client): prevent caching of createMany queries to avoid cache bloat and p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/30f0af635578207b29d8409d7d0cbcdcea264a07\"\u003e\u003ccode\u003e30f0af6\u003c/code\u003e\u003c/a\u003e feat: dmmf streaming with an E2E test (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29377\"\u003e#29377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/14c3c2eb02173048d5ac3a908598a8d7f2244598\"\u003e\u003ccode\u003e14c3c2e\u003c/code\u003e\u003c/a\u003e fix: pin E2E typescript to prevent 6 upgrade (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29383\"\u003e#29383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/prisma/prisma/commits/7.8.0/packages/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dotenv` from 17.3.1 to 17.4.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md\"\u003edotenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.4.1...v17.4.2\"\u003e17.4.2\u003c/a\u003e (2026-04-12)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved skill files - tightened up details (\u003ca href=\"https://redirect.github.com/motdotla/dotenv/pull/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.4.0...v17.4.1\"\u003e17.4.1\u003c/a\u003e (2026-04-05)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange text \u003ccode\u003einjecting\u003c/code\u003e to \u003ccode\u003einjected\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/motdotla/dotenv/pull/1005\"\u003e#1005\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.0\"\u003e17.4.0\u003c/a\u003e (2026-04-01)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eskills/\u003c/code\u003e folder with focused agent skills: \u003ccode\u003eskills/dotenv/SKILL.md\u003c/code\u003e (core usage) and \u003ccode\u003eskills/dotenvx/SKILL.md\u003c/code\u003e (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (\u003ccode\u003enpx skills add motdotla/dotenv\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTighten up logs: \u003ccode\u003e◇ injecting env (14) from .env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/motdotla/dotenv/pull/1003\"\u003e#1003\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/f116f70310abab44fbfddbaeb833698b5bf84a9b\"\u003e\u003ccode\u003ef116f70\u003c/code\u003e\u003c/a\u003e 17.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/3a8161274fdd745239b86e604f4a7e972a1d3902\"\u003e\u003ccode\u003e3a81612\u003c/code\u003e\u003c/a\u003e fix visual order of faq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/13f55a89e136b2024e68d277b836dd5260fc16cf\"\u003e\u003ccode\u003e13f55a8\u003c/code\u003e\u003c/a\u003e Merge branch 'skill'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/4bbbf73f0906bd69975c48bf310a84b686e5b1b4\"\u003e\u003ccode\u003e4bbbf73\u003c/code\u003e\u003c/a\u003e reorganize faq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/c3da64bb2ba1d0e02f8b9b2b7ccb7e6f7a51d56c\"\u003e\u003ccode\u003ec3da64b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/motdotla/dotenv/issues/1009\"\u003e#1009\u003c/a\u003e from motdotla/skill\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/6f743b173fbd6c26f7eab7040d251f9a6c8b977d\"\u003e\u003ccode\u003e6f743b1\u003c/code\u003e\u003c/a\u003e update source\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/fc2c6247e858a32d4024cb06a5b0c79aa35851f5\"\u003e\u003ccode\u003efc2c624\u003c/code\u003e\u003c/a\u003e update skill\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/972315ba74bb2bbba4483d112e853fd26006ef8a\"\u003e\u003ccode\u003e972315b\u003c/code\u003e\u003c/a\u003e Tighten up skill\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/2795fce3d1ed07b4c570f1e06ab1c0d533c86997\"\u003e\u003ccode\u003e2795fce\u003c/code\u003e\u003c/a\u003e reorganize faq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/d5495d4ae8e4e41ef9a682c9e00c81552794274e\"\u003e\u003ccode\u003ed5495d4\u003c/code\u003e\u003c/a\u003e adjust skill\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.8.2 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.2...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.5.0 to 25.8.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prisma` from 7.5.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prisma/prisma/releases\"\u003eprisma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.8.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.8.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003ch2\u003eORM\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a \u003ccode\u003equeryPlanCacheMaxSize\u003c/code\u003e option to the \u003ccode\u003ePrismaClient\u003c/code\u003e constructor for fine-grained control over the query plan cache. Pass \u003ccode\u003e0\u003c/code\u003e to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an equality filter panic and incorrect \u003ccode\u003e::jsonb\u003c/code\u003e cast when filtering on PostgreSQL JSON list columns. Queries using \u003ccode\u003ewhere: { jsonListField: { equals: [...] } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5804\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed case-insensitive JSON field filtering (\u003ccode\u003emode: insensitive\u003c/code\u003e), allowing \u003ccode\u003ewhere: { jsonField: { equals: \u0026quot;...\u0026quot;, mode: \u0026quot;insensitive\u0026quot; } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5806\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed incorrect parameterization of enum values that have a custom database name set via \u003ccode\u003e@map\u003c/code\u003e. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a database parameter limit check (\u003ccode\u003eP2029\u003c/code\u003e), which could incorrectly reject or miss over-limit queries. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a regression that caused missing SQL Server \u003ccode\u003eVARCHAR\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5801\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSchema Engine\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a misleading error message in \u003ccode\u003eprisma migrate diff\u003c/code\u003e that referenced the \u003ccode\u003e--shadow-database-url\u003c/code\u003e CLI flag, which was removed in Prisma 7. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29455\"\u003e#29455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eprisma migrate dev\u003c/code\u003e (and shadow database migration replay in general) failing with \u003ccode\u003eCREATE INDEX CONCURRENTLY cannot run inside a transaction block\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5799\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form \u003ccode\u003epg_catalog.nextval('sequence_name'::regclass)\u003c/code\u003e instead of the bare \u003ccode\u003enextval(...)\u003c/code\u003e. Columns backed by sequences now correctly appear as \u003ccode\u003e@default(autoincrement())\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5802\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDriver Adapters\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@​prisma/adapter-d1\u003c/code\u003e\u003c/strong\u003e: Savepoint operations (\u003ccode\u003ecreateSavepoint\u003c/code\u003e, \u003ccode\u003erollbackToSavepoint\u003c/code\u003e, \u003ccode\u003ereleaseSavepoint\u003c/code\u003e) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29499\"\u003e#29499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOpen roles at Prisma\u003c/h2\u003e\n\u003cp\u003eInterested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our \u003ca href=\"https://www.prisma.io/careers#current\"\u003eCareers page\u003c/a\u003e and find the role that's right for you.\u003c/p\u003e\n\u003ch2\u003eEnterprise support\u003c/h2\u003e\n\u003cp\u003eThousands of teams use Prisma and many of them already tap into our Enterprise \u0026amp; Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.\u003c/p\u003e\n\u003cp\u003eWith this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: \u003ca href=\"https://prisma.io/enterprise\"\u003ehttps://prisma.io/enterprise\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e7.7.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.7.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/572340698b1b81bbe22ef9793e72d13113c11d4c\"\u003e\u003ccode\u003e5723406\u003c/code\u003e\u003c/a\u003e fix(cli): route bootstrap telemetry to Prisma Web Properties project (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29473\"\u003e#29473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/8e71aa7b8de5d897ff4e8dbc92fa85a5ee91469f\"\u003e\u003ccode\u003e8e71aa7\u003c/code\u003e\u003c/a\u003e fix(cli): install missing \u003ccode\u003e@prisma/client\u003c/code\u003e in \u003ccode\u003eprisma bootstrap\u003c/code\u003e (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29444\"\u003e#29444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/ada077ba32b5801d00d32f1434a45aaae7bc09a9\"\u003e\u003ccode\u003eada077b\u003c/code\u003e\u003c/a\u003e fix(cli): bootstrap UX — auto-install deps, resumable flow, timeout handling ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/9b0b7f5d59f4f9d0dca4d558f4e537e83da18203\"\u003e\u003ccode\u003e9b0b7f5\u003c/code\u003e\u003c/a\u003e feat(cli): add prisma bootstrap command (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29374\"\u003e#29374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/5fece0a97ca3f7a05a7ae6691d49728d19b795a4\"\u003e\u003ccode\u003e5fece0a\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​prisma/dev\u003c/code\u003e to 0.24.3 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29396\"\u003e#29396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/45d7e0f0d595df3ee4ca1e469e3d7381b5247ccf\"\u003e\u003ccode\u003e45d7e0f\u003c/code\u003e\u003c/a\u003e feat(cli): add \u003ccode\u003eprisma postgres link\u003c/code\u003e command (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29352\"\u003e#29352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/adbdf15a2418358c93cca2615bf7eafeff5b5391\"\u003e\u003ccode\u003eadbdf15\u003c/code\u003e\u003c/a\u003e Pre-bundle Studio frontend assets and replace Hono (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29389\"\u003e#29389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/f8258ad65bf4fcd2599ffc8da18ee88e800bd2c5\"\u003e\u003ccode\u003ef8258ad\u003c/code\u003e\u003c/a\u003e chore: bump effect to fix vulnerability (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29384\"\u003e#29384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/74839a9078e233c8bf8f7fe7416832d3bd6e4175\"\u003e\u003ccode\u003e74839a9\u003c/code\u003e\u003c/a\u003e feat(cli): update bundled \u003ccode\u003e@​prisma/studio-core\u003c/code\u003e to 0.27.3 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29376\"\u003e#29376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/309b4bccd632d8b40246eab131f3ada578fb4c23\"\u003e\u003ccode\u003e309b4bc\u003c/code\u003e\u003c/a\u003e refactor: extract 'prisma-client-js' into PRISMA_CLIENT_JS_PROVIDER constant ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prisma/prisma/commits/7.8.0/packages/cli\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript` from 5.9.3 to 6.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/TypeScript/releases\"\u003etypescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTypeScript 6.0.3\u003c/h2\u003e\n\u003cp\u003eFor release notes, check out the \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/\"\u003erelease announcement blog post\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.0%22\"\u003efixed issues query for TypeScript 6.0.0 (Beta)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.1%22\"\u003efixed issues query for TypeScript 6.0.1 (RC)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.2%22\"\u003efixed issues query for TypeScript 6.0.2 (Stable)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.3%22\"\u003efixed issues query for TypeScript 6.0.3 (Stable)\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDownloads are available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/typescript\"\u003enpm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTypeScript 6.0\u003c/h2\u003e\n\u003cp\u003eFor release notes, check out the \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/\"\u003erelease announcement blog post\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.0%22\"\u003efixed issues query for TypeScript 6.0.0 (Beta)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.1%22\"\u003efixed issues query for TypeScript 6.0.1 (RC)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.2%22\"\u003efixed issues query for TypeScript 6.0.2 (Stable)\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDownloads are available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/typescript\"\u003enpm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTypeScript 6.0 Beta\u003c/h2\u003e\n\u003cp\u003eFor release notes, check out the \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-6-0-beta/\"\u003erelease announcement\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.0%22+is%3Aclosed+\"\u003efixed issues query for Typescript 6.0.0 (Beta)\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDownloads are available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/typescript\"\u003enpm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/050880ce59e30b356b686bd3144efe24f875ebc8\"\u003e\u003ccode\u003e050880c\u003c/code\u003e\u003c/a\u003e Bump version to 6.0.3 and LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/eeae9dd0f17aa494658e4ec079dc002e02dd625e\"\u003e\u003ccode\u003eeeae9dd\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63401\"\u003e#63401\u003c/a\u003e (Also check package name validity in...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/ad1c695fada682764bb510dd680e8f175ae54094\"\u003e\u003ccode\u003ead1c695\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63368\"\u003e#63368\u003c/a\u003e (Harden ATA package name filtering) into release-6.0 (\u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63372\"\u003e#63372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/0725fb4664a1d5ec94040b6d94db77dc1cc354e4\"\u003e\u003ccode\u003e0725fb4\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63310\"\u003e#63310\u003c/a\u003e (Mark class property initializers as...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/607a22a90d1a5a1b507ce01bb8cd7ec020f954e7\"\u003e\u003ccode\u003e607a22a\u003c/code\u003e\u003c/a\u003e Bump version to 6.0.2 and LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/9e72ab71b575e26795d0d9eac3d2d9957beed17c\"\u003e\u003ccode\u003e9e72ab7\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63239\"\u003e#63239\u003c/a\u003e (Fix missing lib files in reused pro...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/35ff23d4b0cc715691323ebe54f523c16fe6e3a5\"\u003e\u003ccode\u003e35ff23d\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63163\"\u003e#63163\u003c/a\u003e (Port anyFunctionType subtype fix an...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/e175b69138038953d4e85bf6529afe88d56d8fbe\"\u003e\u003ccode\u003ee175b69\u003c/code\u003e\u003c/a\u003e Bump version to 6.0.1-rc and LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/af4caac0e91e838c46b3fdc1c9afacad68800f89\"\u003e\u003ccode\u003eaf4caac\u003c/code\u003e\u003c/a\u003e Update LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/8efd7e8544d8b35c9b33bca44a3124aa2613bf09\"\u003e\u003ccode\u003e8efd7e8\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into release-6.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/TypeScript/compare/v5.9.3...v6.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.4 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.4 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitejs/plugin-react` from 6.0.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/releases\"\u003e@​vitejs/plugin-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eplugin-react@6.0.2\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md\"\u003e@​vitejs/plugin-react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2 (2026-05-14)\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/6535b55e956b425e6650ffc2cc98fd23cca1d231\"\u003e\u003ccode\u003e6535b55\u003c/code\u003e\u003c/a\u003e release: plugin-react@6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/bf0e43b756e3be81f8572d59727c218311f431ef\"\u003e\u003ccode\u003ebf0e43b\u003c/code\u003e\u003c/a\u003e feat(react): whitelist debugging-options (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1189\"\u003e#1189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/3bd1f08ae0b82ee0e96feb2ff265e61c6fe74b54\"\u003e\u003ccode\u003e3bd1f08\u003c/code\u003e\u003c/a\u003e feat: use carets for rolldown versions (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1216\"\u003e#1216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/2b8df67323265d1ff5ddf47b2db9ab0b9de5c688\"\u003e\u003ccode\u003e2b8df67\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/8fa9619e1b1f51b079f4c1df6b...\n\n_Description has been truncated_","html_url":"https://github.com/macel94/ip-geo-analytics/pull/98","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/macel94%2Fip-geo-analytics/issues/98","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/98/packages"},{"uuid":"4420153633","node_id":"PR_kwDOSZ_ZV87aNomo","number":15,"state":"open","title":"chore: bump @fastify/static from 8.2.0 to 9.1.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T10:47:07.000Z","updated_at":"2026-05-11T10:47:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore","packages":[{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 8.2.0 to 9.1.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.2.0...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=8.2.0\u0026new-version=9.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/can4hou6joeng4/mall-saas/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/can4hou6joeng4%2Fmall-saas/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4409416824","node_id":"PR_kwDOQPGo0c7ZsC7w","number":2,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T03:36:40.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T21:09:45.000Z","updated_at":"2026-05-09T03:36:42.000Z","time_to_close":23215,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"vite","old_version":"7.3.1","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"5.5.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"drizzle-orm","old_version":"0.42.0","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"postcss","old_version":"8.5.8","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@fastify/middie","old_version":"9.1.0","new_version":"9.3.2","repository_url":"https://github.com/fastify/middie"},{"name":"@fastify/static","old_version":"9.0.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"fastify","old_version":"5.8.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.5.7` | `5.7.0` |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.42.0` | `0.45.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.8` | `8.5.10` |\n| [@fastify/middie](https://github.com/fastify/middie) | `9.1.0` | `9.3.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.0.0` | `9.1.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.8.3` | `5.8.5` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/db directory: [drizzle-orm](https://github.com/drizzle-team/drizzle-orm).\n\nUpdates `vite` from 7.3.1 to 7.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.5.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `drizzle-orm` from 0.42.0 to 0.45.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/releases\"\u003edrizzle-orm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.45.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003esql.identifier()\u003c/code\u003e, \u003ccode\u003esql.as()\u003c/code\u003e escaping issues. Previously all the values passed to this functions were not properly escaped\ncausing a possible SQL Injection (CWE-89) vulnerability\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/EthanKim88\"\u003e\u003ccode\u003e@​EthanKim88\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/0x90sh\"\u003e\u003ccode\u003e@​0x90sh\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/wgoodall01\"\u003e\u003ccode\u003e@​wgoodall01\u003c/code\u003e\u003c/a\u003e for reaching out to us with a reproduction and suggested fix\u003c/p\u003e\n\u003ch2\u003e0.45.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden \u003ccode\u003erequire()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5107\"\u003e#5107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.45.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions\u003c/li\u003e\n\u003cli\u003eAllowed subqueries in select fields\u003c/li\u003e\n\u003cli\u003eUpdated typo algorythm =\u0026gt; algorithm\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003e$onUpdate\u003c/code\u003e not handling \u003ccode\u003eSQL\u003c/code\u003e values (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/2388\"\u003e#2388\u003c/a\u003e, tests implemented by \u003ca href=\"https://github.com/L-Mario564\"\u003eL-Mario564\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/pull/2911\"\u003e#2911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003epg\u003c/code\u003e mappers not handling \u003ccode\u003eDate\u003c/code\u003e instances in \u003ccode\u003ebun-sql:postgresql\u003c/code\u003e driver responses for \u003ccode\u003edate\u003c/code\u003e, \u003ccode\u003etimestamp\u003c/code\u003e types (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4493\"\u003e#4493\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix durable sqlite transaction return value \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/3746\"\u003e#3746\u003c/a\u003e - thanks \u003ca href=\"https://github.com/joaocstro\"\u003e\u003ccode\u003e@​joaocstro\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add $replicas reference \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4874\"\u003e#4874\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed invalid usage of \u003ccode\u003e.one()\u003c/code\u003e in \u003ccode\u003edurable-sqlite\u003c/code\u003e session\u003c/li\u003e\n\u003cli\u003eFixed spread operator related crash in sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eBetter browser support for sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eImproved sqlite \u003ccode\u003eblob\u003c/code\u003e mapping\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix wrong DrizzleQueryError export. thanks \u003ca href=\"https://github.com/nathankleyn\"\u003e\u003ccode\u003e@​nathankleyn\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed types of \u003ccode\u003e$client\u003c/code\u003e for clients created by drizzle function\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eawait db.$client.[...]\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eupdated_at\u003c/code\u003e column to the \u003ccode\u003eneon_auth.users_sync\u003c/code\u003e table definition.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[BUG]: Fixed type issues with joins with certain variations of \u003ccode\u003etsconfig\u003c/code\u003e: \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4535\"\u003e#4535\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4457\"\u003e#4457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4586\"\u003e[BUG]: Drizzle can no longer run on Durable Objects\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.0\u003c/h2\u003e\n\u003ch2\u003eError handling\u003c/h2\u003e\n\u003cp\u003eStarting from this version, we’ve introduced a new \u003ccode\u003eDrizzleQueryError\u003c/code\u003e that wraps all errors from database drivers and provides a set of useful information:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/273c78071d4841b497f5144734b38294df7ec64b\"\u003e\u003ccode\u003e273c780\u003c/code\u003e\u003c/a\u003e + 0.45.2 (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5534\"\u003e#5534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/4aa6ecfee4b4728dadf6f77f071a149878a3c6c0\"\u003e\u003ccode\u003e4aa6ecf\u003c/code\u003e\u003c/a\u003e Kit updates (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5490\"\u003e#5490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e8e6edfef5ca69c6188d320388ad440265911057\"\u003e\u003ccode\u003ee8e6edf\u003c/code\u003e\u003c/a\u003e feat(drizzle-kit): support d1 via binding (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5302\"\u003e#5302\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/a086f59fba7f46f3a077893ba912c99e91eaa760\"\u003e\u003ccode\u003ea086f59\u003c/code\u003e\u003c/a\u003e Fixed pg-native Pool detection in node-postgres transactions breaking in envi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/c445637df39366bcf47b12601896ce851771c1c2\"\u003e\u003ccode\u003ec445637\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5095\"\u003e#5095\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e7b3aaa26456b88cd23a7843ebc95b3bddde1ba4\"\u003e\u003ccode\u003ee7b3aaa\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/0d885a54ddafd8717f8610cf3d2899f3eef61e65\"\u003e\u003ccode\u003e0d885a5\u003c/code\u003e\u003c/a\u003e refactor: Update condition for run-feature job to improve clarity and functio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/45a1ffbcbfdd96772d0aba7d9e43744db2dce471\"\u003e\u003ccode\u003e45a1ffb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5087\"\u003e#5087\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/6357645bd33b1f444e1d081769dd4b71c3de31f8\"\u003e\u003ccode\u003e6357645\u003c/code\u003e\u003c/a\u003e chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/53dec98a936f549d0cc2e668f19db3a2df842f51\"\u003e\u003ccode\u003e53dec98\u003c/code\u003e\u003c/a\u003e refactor: Simplify release router workflow by removing unnecessary switch job...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/compare/0.42.0...0.45.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for drizzle-orm since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.8 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.8...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/middie` from 9.1.0 to 9.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/middie/releases\"\u003e@​fastify/middie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6270 \u003ca href=\"https://github.com/fastify/middie/security/advisories/GHSA-72c6-fx6q-fr5w\"\u003ehttps://github.com/fastify/middie/security/advisories/GHSA-72c6-fx6q-fr5w\u003c/a\u003e.\nThis fixes CVE CVE-2026-33804 \u003ca href=\"https://github.com/fastify/middie/security/advisories/GHSA-v9ww-2j6r-98q6\"\u003ehttps://github.com/fastify/middie/security/advisories/GHSA-v9ww-2j6r-98q6\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/256\"\u003efastify/middie#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/258\"\u003efastify/middie#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/259\"\u003efastify/middie#259\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.3.1...v9.3.2\"\u003ehttps://github.com/fastify/middie/compare/v9.3.1...v9.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve percent-encoding in prefix stripping by \u003ca href=\"https://github.com/panva\"\u003e\u003ccode\u003e@​panva\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/255\"\u003efastify/middie#255\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.3.0...v9.3.1\"\u003ehttps://github.com/fastify/middie/compare/v9.3.0...v9.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/250\"\u003efastify/middie#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: preserve query string when stripping path prefix by \u003ca href=\"https://github.com/panva\"\u003e\u003ccode\u003e@​panva\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/249\"\u003efastify/middie#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump c8 from 10.1.3 to 11.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/253\"\u003efastify/middie#253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/panva\"\u003e\u003ccode\u003e@​panva\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/249\"\u003efastify/middie#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.2.0...v9.3.0\"\u003ehttps://github.com/fastify/middie/compare/v9.2.0...v9.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eFixes \u003ca href=\"https://github.com/fastify/middie/security/advisories/GHSA-8p85-9qpw-fwgw\"\u003ehttps://github.com/fastify/middie/security/advisories/GHSA-8p85-9qpw-fwgw\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: remove stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/247\"\u003efastify/middie#247\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/247\"\u003efastify/middie#247\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.1.0...v9.2.0\"\u003ehttps://github.com/fastify/middie/compare/v9.1.0...v9.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/792d2f46ae68516d3122c9a4468a5748a34efb47\"\u003e\u003ccode\u003e792d2f4\u003c/code\u003e\u003c/a\u003e Bumped v9.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/ca42dd768f64d4fd7cc827a4c415fec546a2c8bb\"\u003e\u003ccode\u003eca42dd7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/29162c8e3074baaebdf40ca43b4c91c384713eb4\"\u003e\u003ccode\u003e29162c8\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/33c75539a4626e3943c1c86fe378d7c8c4a39790\"\u003e\u003ccode\u003e33c7553\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/caf538bb68daa236c34d4709db6ee0dc99943c45\"\u003e\u003ccode\u003ecaf538b\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/57dd100de57aacea3264f7271ce917f4ad69460a\"\u003e\u003ccode\u003e57dd100\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/fb129379ce05dc0f5400f43c22f178a8b9b09214\"\u003e\u003ccode\u003efb12937\u003c/code\u003e\u003c/a\u003e Bumped v9.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/24aa8d3009e5dd9bdf252e90f23ff89c48748fef\"\u003e\u003ccode\u003e24aa8d3\u003c/code\u003e\u003c/a\u003e fix: preserve percent-encoding in prefix stripping (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/255\"\u003e#255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/f57b37f05b193e504574449a74335aef8f319237\"\u003e\u003ccode\u003ef57b37f\u003c/code\u003e\u003c/a\u003e Bumped v9.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/5b47608efabacfc7e74ac4ec9f0f0f8e1b897ba1\"\u003e\u003ccode\u003e5b47608\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump c8 from 10.1.3 to 11.0.0 (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/middie/compare/v9.1.0...v9.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.0.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.8.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-builder` from 1.1.4 to 1.1.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md\"\u003efast-xml-builder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003e1.2.0\u003c/strong\u003e (2026-05-08)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003esanitizeName\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eSupport xml-naming for validating and sanitizing tag and attribute names\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.9\u003c/strong\u003e (2026-05-06)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: format output for preserve order when indent by is set to empty string\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.8\u003c/strong\u003e (2026-05-05)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003eimprove typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.7\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues when attribute value contains quotes\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.6\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment\u003c/li\u003e\n\u003cli\u003eskip comment with null value\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.5\u003c/strong\u003e (2026-04-17)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment and cdata\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.4\u003c/strong\u003e (2026-03-16)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.3\u003c/strong\u003e (2026-03-13)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.2\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.1\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade path-expression-matcher to 1.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.0\u003c/strong\u003e (2026-03-10)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntegrate \u003ca href=\"https://github.com/NaturalIntelligence/path-expression-matcher\"\u003epath-expression-matcher\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/15d5668b53777400c8d80b6e21029c1a70888c78\"\u003e\u003ccode\u003e15d5668\u003c/code\u003e\u003c/a\u003e update for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/98774853a696a1aee4dca830dd3eee2759676bd2\"\u003e\u003ccode\u003e9877485\u003c/code\u003e\u003c/a\u003e fix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/311a2213a817cf31558bea7c0e0807b0d4441814\"\u003e\u003ccode\u003e311a221\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-builder/issues/5\"\u003e#5\u003c/a\u003e typing import issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/e8fc5b15d9d54b559781961f066de82a55aabcdd\"\u003e\u003ccode\u003ee8fc5b1\u003c/code\u003e\u003c/a\u003e update for releast\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/fddfaf31a1cb25958ca2f573057fb14c9451fad7\"\u003e\u003ccode\u003efddfaf3\u003c/code\u003e\u003c/a\u003e escape quotes in attribute value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/b74fb4c4037345262fddb44bf28c88395d08ff84\"\u003e\u003ccode\u003eb74fb4c\u003c/code\u003e\u003c/a\u003e update for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/e1ea778d89dada90fe322d4d1c24a3915bf91014\"\u003e\u003ccode\u003ee1ea778\u003c/code\u003e\u003c/a\u003e fix security issue when comment val can have 3 consecutive dashes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/5342696bfc93f93eb4df813fe3787edd86db96e1\"\u003e\u003ccode\u003e5342696\u003c/code\u003e\u003c/a\u003e update version to release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/2dda5746d07068a05228c4c165676e6852167a7c\"\u003e\u003ccode\u003e2dda574\u003c/code\u003e\u003c/a\u003e safely handle cdata and comment content\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/compare/v1.1.4...v1.1.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `drizzle-orm` from 0.42.0 to 0.45.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/releases\"\u003edrizzle-orm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.45.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003esql.identifier()\u003c/code\u003e, \u003ccode\u003esql.as()\u003c/code\u003e escaping issues. Previously all the values passed to this functions were not properly escaped\ncausing a possible SQL Injection (CWE-89) vulnerability\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/EthanKim88\"\u003e\u003ccode\u003e@​EthanKim88\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/0x90sh\"\u003e\u003ccode\u003e@​0x90sh\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/wgoodall01\"\u003e\u003ccode\u003e@​wgoodall01\u003c/code\u003e\u003c/a\u003e for reaching out to us with a reproduction and suggested fix\u003c/p\u003e\n\u003ch2\u003e0.45.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden \u003ccode\u003erequire()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5107\"\u003e#5107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.45.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions\u003c/li\u003e\n\u003cli\u003eAllowed subqueries in select fields\u003c/li\u003e\n\u003cli\u003eUpdated typo algorythm =\u0026gt; algorithm\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003e$onUpdate\u003c/code\u003e not handling \u003ccode\u003eSQL\u003c/code\u003e values (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/2388\"\u003e#2388\u003c/a\u003e, tests implemented by \u003ca href=\"https://github.com/L-Mario564\"\u003eL-Mario564\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/pull/2911\"\u003e#2911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003epg\u003c/code\u003e mappers not handling \u003ccode\u003eDate\u003c/code\u003e instances in \u003ccode\u003ebun-sql:postgresql\u003c/code\u003e driver responses for \u003ccode\u003edate\u003c/code\u003e, \u003ccode\u003etimestamp\u003c/code\u003e types (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4493\"\u003e#4493\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix durable sqlite transaction return value \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/3746\"\u003e#3746\u003c/a\u003e - thanks \u003ca href=\"https://github.com/joaocstro\"\u003e\u003ccode\u003e@​joaocstro\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add $replicas reference \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4874\"\u003e#4874\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed invalid usage of \u003ccode\u003e.one()\u003c/code\u003e in \u003ccode\u003edurable-sqlite\u003c/code\u003e session\u003c/li\u003e\n\u003cli\u003eFixed spread operator related crash in sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eBetter browser support for sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eImproved sqlite \u003ccode\u003eblob\u003c/code\u003e mapping\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix wrong DrizzleQueryError export. thanks \u003ca href=\"https://github.com/nathankleyn\"\u003e\u003ccode\u003e@​nathankleyn\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed types of \u003ccode\u003e$client\u003c/code\u003e for clients created by drizzle function\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eawait db.$client.[...]\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eupdated_at\u003c/code\u003e column to the \u003ccode\u003eneon_auth.users_sync\u003c/code\u003e table definition.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[BUG]: Fixed type issues with joins with certain variations of \u003ccode\u003etsconfig\u003c/code\u003e: \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4535\"\u003e#4535\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4457\"\u003e#4457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4586\"\u003e[BUG]: Drizzle can no longer run on Durable Objects\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.0\u003c/h2\u003e\n\u003ch2\u003eError handling\u003c/h2\u003e\n\u003cp\u003eStarting from this version, we’ve introduced a new \u003ccode\u003eDrizzleQueryError\u003c/code\u003e that wraps all errors from database drivers and provides a set of useful information:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/273c78071d4841b497f5144734b38294df7ec64b\"\u003e\u003ccode\u003e273c780\u003c/code\u003e\u003c/a\u003e + 0.45.2 (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5534\"\u003e#5534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/4aa6ecfee4b4728dadf6f77f071a149878a3c6c0\"\u003e\u003ccode\u003e4aa6ecf\u003c/code\u003e\u003c/a\u003e Kit updates (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5490\"\u003e#5490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e8e6edfef5ca69c6188d320388ad440265911057\"\u003e\u003ccode\u003ee8e6edf\u003c/code\u003e\u003c/a\u003e feat(drizzle-kit): support d1 via binding (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5302\"\u003e#5302\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/a086f59fba7f46f3a077893ba912c99e91eaa760\"\u003e\u003ccode\u003ea086f59\u003c/code\u003e\u003c/a\u003e Fixed pg-native Pool detection in node-postgres transactions breaking in envi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/c445637df39366bcf47b12601896ce851771c1c2\"\u003e\u003ccode\u003ec445637\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5095\"\u003e#5095\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e7b3aaa26456b88cd23a7843ebc95b3bddde1ba4\"\u003e\u003ccode\u003ee7b3aaa\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/0d885a54ddafd8717f8610cf3d2899f3eef61e65\"\u003e\u003ccode\u003e0d885a5\u003c/code\u003e\u003c/a\u003e refactor: Update condition for run-feature job to improve clarity and functio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/45a1ffbcbfdd96772d0aba7d9e43744db2dce471\"\u003e\u003ccode\u003e45a1ffb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5087\"\u003e#5087\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/6357645bd33b1f444e1d081769dd4b71c3de31f8\"\u003e\u003ccode\u003e6357645\u003c/code\u003e\u003c/a\u003e chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/53dec98a936f549d0cc2e668f19db3a2df842f51\"\u003e\u003ccode\u003e53dec98\u003c/code\u003e\u003c/a\u003e refactor: Simplify release router workflow by removing unnecessary switch job...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/compare/0.42.0...0.45.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for drizzle-orm since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jrin0340-420/astroglider/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/jrin0340-420/astroglider/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jrin0340-420%2Fastroglider/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4404069769","node_id":"PR_kwDORSKvL87ZaSlN","number":24,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 27 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-08T05:43:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T05:43:25.000Z","updated_at":"2026-05-08T05:43:36.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"mammoth","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/mwilliamson/mammoth.js"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"systeminformation","old_version":"5.25.11","new_version":"5.30.8","repository_url":"https://github.com/sebhildebrandt/systeminformation"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"ajv","old_version":"8.12.0","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n| [mammoth](https://github.com/mwilliamson/mammoth.js) | `1.8.0` | `1.11.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `5.25.11` | `5.30.8` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.18.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/common directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/ai directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/campaign-monitor directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/crisp directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/docusign directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/firecrawl directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/github directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/gmail directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/google-sheets directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/help-scout directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/http-oauth2 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/kizeo-forms directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pastebin directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/rss directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/sendgrid directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/vtex directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/youtube directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/graphql directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/http directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/smtp directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 6 updates in the /packages/server/api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [mammoth](https://github.com/mwilliamson/mammoth.js) | `1.8.0` | `1.11.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/server/utils directory: [systeminformation](https://github.com/sebhildebrandt/systeminformation).\nBumps the npm_and_yarn group with 2 updates in the /packages/web directory: [axios](https://github.com/axios/axios) and [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.3.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 7.0.11 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 6.4.1 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps s...\n\n_Description has been truncated_","html_url":"https://github.com/szabiiii/activepieces/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/szabiiii%2Factivepieces/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"},{"uuid":"4404069262","node_id":"PR_kwDORSKvL87ZaSeJ","number":21,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 20 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-08T05:43:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T05:43:19.000Z","updated_at":"2026-05-08T05:43:30.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/common directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/campaign-monitor directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/crisp directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/docusign directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/github directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/help-scout directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/http-oauth2 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/kizeo-forms directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pastebin directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/rss directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/vtex directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/youtube directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/graphql directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/http directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 4 updates in the /packages/server/api directory: [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy), [axios](https://github.com/axios/axios), [fastify](https://github.com/fastify/fastify) and [@fastify/static](https://github.com/fastify/fastify-static).\nBumps the npm_and_yarn group with 2 updates in the /packages/web directory: [axios](https://github.com/axios/axios) and [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.3.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 8.1.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: use cross-platform compatible info emoji by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/522\"\u003efastify/fastify-static#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo by \u003ca href=\"https://github.com/9w\"\u003e\u003ccode\u003e@​9w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/523\"\u003efastify/fastify-static#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): update date ranges; standardise style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/525\"\u003efastify/fastify-static#525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove reference to simple-get by \u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/528\"\u003efastify/fastify-static#528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/527\"\u003efastify/fastify-static#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(types): add missing anchors by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/529\"\u003efastify/fastify-static#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): correct compatibility table by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/531\"\u003efastify/fastify-static#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove usage of deprecated request.routeConfig by \u003ca href=\"https://github.com/inyourtime\"\u003e\u003ccode\u003e@​inyourtime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/530\"\u003efastify/fastify-static#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/532\"\u003efastify/fastify-static#532\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.1.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://gi...\n\n_Description has been truncated_","html_url":"https://github.com/szabiiii/activepieces/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/szabiiii%2Factivepieces/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4404067037","node_id":"PR_kwDORSKvL87ZaSBO","number":18,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 20 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-08T05:43:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T05:42:46.000Z","updated_at":"2026-05-08T05:43:15.000Z","time_to_close":27,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/common directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/campaign-monitor directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/crisp directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/docusign directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/github directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/help-scout directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/http-oauth2 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/kizeo-forms directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pastebin directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/rss directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/vtex directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/youtube directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/graphql directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/http directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 3 updates in the /packages/server/api directory: [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy), [axios](https://github.com/axios/axios) and [@fastify/static](https://github.com/fastify/fastify-static).\nBumps the npm_and_yarn group with 2 updates in the /packages/web directory: [axios](https://github.com/axios/axios) and [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.3.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 8.1.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: use cross-platform compatible info emoji by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/522\"\u003efastify/fastify-static#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo by \u003ca href=\"https://github.com/9w\"\u003e\u003ccode\u003e@​9w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/523\"\u003efastify/fastify-static#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): update date ranges; standardise style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/525\"\u003efastify/fastify-static#525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove reference to simple-get by \u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/528\"\u003efastify/fastify-static#528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/527\"\u003efastify/fastify-static#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(types): add missing anchors by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/529\"\u003efastify/fastify-static#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): correct compatibility table by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/531\"\u003efastify/fastify-static#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove usage of deprecated request.routeConfig by \u003ca href=\"https://github.com/inyourtime\"\u003e\u003ccode\u003e@​inyourtime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/530\"\u003efastify/fastify-static#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/532\"\u003efastify/fastify-static#532\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.1.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.c...\n\n_Description has been truncated_","html_url":"https://github.com/szabiiii/activepieces/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/szabiiii%2Factivepieces/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"},{"uuid":"4400369754","node_id":"PR_kwDOPrXVTc7ZObaB","number":95,"state":"closed","title":"Bump the npm_and_yarn group across 12 directories with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-07T16:35:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T16:33:42.000Z","updated_at":"2026-05-07T16:38:36.000Z","time_to_close":132,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"axios","old_version":"1.8.3","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.11.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fastify","old_version":"5.4.0","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"6.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"5.7.2","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@supabase/auth-js","old_version":"2.69.1","new_version":"2.105.3","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.5.6","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.8.3` | `1.16.0` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.16.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.4.0` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.5` | `6.4.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.7.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.2.0` | `9.1.3` |\n| [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js) | `2.69.1` | `2.105.3` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.5.6` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-ses directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sns directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sqs directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/clarifai directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/contentful directory: [axios](https://github.com/axios/axios) and [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/image-helper directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/mailchain directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [lodash](https://github.com/lodash/lodash) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pdf directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/scrapeless directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp) and [ip-address](https://github.com/beaugunderson/ip-address).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/shared directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/worker directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\n\nUpdates `axios` from 1.8.3 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.4.0 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastif...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 16 npm packages across 12 directories, including major updates to axios (1.8.3→1.16.0), fastify (5.4.0→5.8.5), and various AWS SDK packages, addressing security vulnerabilities and bringing performance improvements.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Core Dependencies**: Major version bumps for axios (1.8.3→1.16.0) and fastify (5.4.0→5.8.5) with significant security and feature improvements\n- **AWS SDK Updates**: Unified AWS SDK packages to version 3.1044.0 across S3, SES, SNS, and SQS services\n- **Security Patches**: Updates to basic-ftp (5.0.5→5.3.1), follow-redirects (1.15.9→1.16.0), and other packages addressing known vulnerabilities\n- **Development Tools**: Updates to vite (6.3.5→6.4.2), postcss (8.4.38→8.5.10), and other build tools\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 16 Vulnerable Packages]\n    B --\u003e C[Update Root Dependencies]\n    B --\u003e D[Update Package-Specific Dependencies]\n    C --\u003e E[axios 1.16.0 - Security Fixes]\n    C --\u003e F[fastify 5.8.5 - CVE Patches]\n    C --\u003e G[AWS SDK 3.1044.0 - Consistency]\n    D --\u003e H[Community Packages]\n    H --\u003e I[Lock File Updates]\n    E --\u003e J[Enhanced Security Posture]\n    F --\u003e J\n    G --\u003e J\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including fetch adapter vulnerabilities in axios and trust proxy issues in fastify\n- **API Improvements**: Axios now supports QUERY HTTP method and improved error handling with ECONNREFUSED constants\n- **Consistency**: AWS SDK packages are now aligned to the same version (3.1044.0) reducing potential compatibility issues\n- **Performance**: Updated packages include performance optimizations and bug fixes for better reliability\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/activepieces/pull/95","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Factivepieces/issues/95","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/95/packages"},{"uuid":"4398603828","node_id":"PR_kwDORFRk1s7ZImP4","number":68,"state":"closed","title":"Build(deps): Bump the minor-and-patch group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T01:16:12.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T12:03:54.000Z","updated_at":"2026-05-09T01:16:14.000Z","time_to_close":133938,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Build(deps): Bump","group_name":"minor-and-patch","update_count":19,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"axios","old_version":"1.15.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"zod","old_version":"4.3.6","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"},{"name":"esbuild","old_version":"0.27.7","new_version":"0.28.0","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"4.1.4","new_version":"4.1.5","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"lucide-react","old_version":"1.8.0","new_version":"1.14.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"react","old_version":"19.2.5","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.5","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-hook-form","old_version":"7.72.1","new_version":"7.75.0","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"react-router","old_version":"7.14.1","new_version":"7.15.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"zustand","old_version":"5.0.12","new_version":"5.0.13","repository_url":"https://github.com/pmndrs/zustand"},{"name":"@tailwindcss/vite","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"jsdom","old_version":"29.0.2","new_version":"29.1.1","repository_url":"https://github.com/jsdom/jsdom"},{"name":"msw","old_version":"2.13.4","new_version":"2.14.3","repository_url":"https://github.com/mswjs/msw"},{"name":"postcss","old_version":"8.5.10","new_version":"8.5.14","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"8.0.8","new_version":"8.0.11","repository_url":"https://github.com/vitejs/vite"},{"name":"vitepress-plugin-llms","old_version":"1.12.1","new_version":"1.12.2","repository_url":"https://github.com/okineadev/vitepress-plugin-llms"},{"name":"vue","old_version":"3.5.32","new_version":"3.5.34","repository_url":"https://github.com/vuejs/core"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 18 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [axios](https://github.com/axios/axios) | `1.15.0` | `1.16.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.27.7` | `0.28.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.4` | `4.1.5` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.14.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.6` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.72.1` | `7.75.0` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.14.1` | `7.15.0` |\n| [zustand](https://github.com/pmndrs/zustand) | `5.0.12` | `5.0.13` |\n| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.2.2` | `4.2.4` |\n| [jsdom](https://github.com/jsdom/jsdom) | `29.0.2` | `29.1.1` |\n| [msw](https://github.com/mswjs/msw) | `2.13.4` | `2.14.3` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.10` | `8.5.14` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.8` | `8.0.11` |\n| [vitepress-plugin-llms](https://github.com/okineadev/vitepress-plugin-llms) | `1.12.1` | `1.12.2` |\n| [vue](https://github.com/vuejs/core) | `3.5.32` | `3.5.34` |\n\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.15.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zod` from 4.3.6 to 4.4.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/colinhacks/zod/releases\"\u003ezod's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.3\u003c/h2\u003e\n\u003ch2\u003eCommits:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo\u003c/li\u003e\n\u003cli\u003e2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing\u003c/li\u003e\n\u003cli\u003e7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones\u003c/li\u003e\n\u003cli\u003e2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern\u003c/li\u003e\n\u003cli\u003e9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)\u003c/li\u003e\n\u003cli\u003eb8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)\u003c/li\u003e\n\u003cli\u003e1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5937\"\u003e#5937\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5939\"\u003e#5939\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent keys (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5941\"\u003e#5941\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef3c9ec03ba7a28ae72d25cc295f38674bee0f559 4.4.3\u003c/li\u003e\n\u003cli\u003e1fb56a5c18c27102dbc92260a4007c7732a0ccca docs: document release procedure in AGENTS.md\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.2\u003c/h2\u003e\n\u003ch2\u003eCommits:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5901\"\u003e#5901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps\u003c/li\u003e\n\u003cli\u003e6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5791\"\u003e#5791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing\u003c/li\u003e\n\u003cli\u003ebbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents\u003c/li\u003e\n\u003cli\u003ecf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint\u003c/li\u003e\n\u003cli\u003e292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor\u003c/li\u003e\n\u003cli\u003e1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion\u003c/li\u003e\n\u003cli\u003e1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance\u003c/li\u003e\n\u003cli\u003ee20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes\u003c/li\u003e\n\u003cli\u003ee58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights\u003c/li\u003e\n\u003cli\u003e905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing\u003c/li\u003e\n\u003cli\u003ebf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md\u003c/li\u003e\n\u003cli\u003e8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch\u003c/li\u003e\n\u003cli\u003e02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5929\"\u003e#5929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated \u003ccode\u003ebaseUrl\u003c/code\u003e from tsconfig\u003c/li\u003e\n\u003cli\u003ec59d4474e3b4cad1b323462186cf607178ce8267 4.4.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.1\u003c/h2\u003e\n\u003ch2\u003eCommits:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow\u003c/li\u003e\n\u003cli\u003e95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations\u003c/li\u003e\n\u003cli\u003ecede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eedd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1\u003c/li\u003e\n\u003cli\u003e180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003ch2\u003e4.4.0\u003c/h2\u003e\n\u003cp\u003eThis is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.\u003c/p\u003e\n\u003ch2\u003ePotentially breaking bug fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/1fb56a5c18c27102dbc92260a4007c7732a0ccca\"\u003e\u003ccode\u003e1fb56a5\u003c/code\u003e\u003c/a\u003e docs: document release procedure in AGENTS.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/f3c9ec03ba7a28ae72d25cc295f38674bee0f559\"\u003e\u003ccode\u003ef3c9ec0\u003c/code\u003e\u003c/a\u003e 4.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/c2be4f819064eed62c7c350a2d399b5faecd15f8\"\u003e\u003ccode\u003ec2be4f8\u003c/code\u003e\u003c/a\u003e fix(v4): generalize optin/fallback to transform; restore preprocess on absent...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/1cab69383fcdeae2a366d5e2a2fc4d8fc765d168\"\u003e\u003ccode\u003e1cab693\u003c/code\u003e\u003c/a\u003e fix(v4): restore catch handling for absent object keys (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5937\"\u003e#5937\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5939\"\u003e#5939\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/b8dffe9e62f17e6571e6249d05cc5102b54d94e4\"\u003e\u003ccode\u003eb8dffe9\u003c/code\u003e\u003c/a\u003e docs: remove Numeric and Speakeasy (2+ missed monthly cycles)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/9195250cab0e7950efe39c3926d6c203b4b0a170\"\u003e\u003ccode\u003e9195250\u003c/code\u003e\u003c/a\u003e docs: remove Mintlify from bronze sponsors (churned)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/2c703322a21b4e2b12f33f49ea8430c451a68b4f\"\u003e\u003ccode\u003e2c70332\u003c/code\u003e\u003c/a\u003e docs: normalize bronze sponsor logos to github avatar pattern\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/7391be88ac1ee5cd02057f5ccc012a1f5df4efd0\"\u003e\u003ccode\u003e7391be8\u003c/code\u003e\u003c/a\u003e docs: prune lapsed silver/bronze sponsors and add active ones\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/2aeec83eb135e3a83756e973ef44845fc5a455d2\"\u003e\u003ccode\u003e2aeec83\u003c/code\u003e\u003c/a\u003e docs: prune lapsed gold sponsors and rebalance logo sizing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/4c2fa95ce3f3390fbc522324e406b4e9e89b88f9\"\u003e\u003ccode\u003e4c2fa95\u003c/code\u003e\u003c/a\u003e docs: use Zernio primary wordmark for gold sponsor logo\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/colinhacks/zod/compare/v4.3.6...v4.4.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for zod since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.27.7 to 0.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for \u003ccode\u003ewith { type: 'text' }\u003c/code\u003e imports (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4435\"\u003e#4435\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/tc39/proposal-import-text\"\u003eimport text\u003c/a\u003e proposal has reached stage 3 in the TC39 process, which means that it's recommended for implementation. It has also already been implemented by \u003ca href=\"https://docs.deno.com/examples/importing_text/\"\u003eDeno\u003c/a\u003e and \u003ca href=\"https://bun.com/docs/guides/runtime/import-html\"\u003eBun\u003c/a\u003e. So with this release, esbuild also adds support for it. This behaves exactly the same as esbuild's existing \u003ca href=\"https://esbuild.github.io/content-types/#text\"\u003e\u003ccode\u003etext\u003c/code\u003e loader\u003c/a\u003e. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport string from './example.txt' with { type: 'text' }\nconsole.log(string)\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to fallback download path (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4343\"\u003e#4343\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eInstalling esbuild via npm is somewhat complicated with several different edge cases (see \u003ca href=\"https://esbuild.github.io/getting-started/#additional-npm-flags\"\u003eesbuild's documentation\u003c/a\u003e for details). If the regular installation of esbuild's platform-specific package fails, esbuild's install script attempts to download the platform-specific package itself (first with the \u003ccode\u003enpm\u003c/code\u003e command, and then with a HTTP request to \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e as a last resort).\u003c/p\u003e\n\u003cp\u003eThis last resort path previously didn't have any integrity checks. With this release, esbuild will now verify that the hash of the downloaded binary matches the expected hash for the current release. This means the hashes for all of esbuild's platform-specific binary packages will now be embedded in the top-level \u003ccode\u003eesbuild\u003c/code\u003e package. Hopefully this should work without any problems. But just in case, this change is being done as a breaking change release.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the Go compiler from 1.25.7 to 1.26.1\u003c/p\u003e\n\u003cp\u003eThis upgrade should not affect anything. However, there have been some significant internal changes to the Go compiler, so esbuild could potentially behave differently in certain edge cases:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIt now uses the \u003ca href=\"https://go.dev/doc/go1.26#new-garbage-collector\"\u003enew garbage collector\u003c/a\u003e that comes with Go 1.26.\u003c/li\u003e\n\u003cli\u003eThe Go compiler is now more aggressive with allocating memory on the stack.\u003c/li\u003e\n\u003cli\u003eThe executable format that the Go linker uses has undergone several changes.\u003c/li\u003e\n\u003cli\u003eThe WebAssembly build now unconditionally makes use of the sign extension and non-trapping floating-point to integer conversion instructions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eYou can read the \u003ca href=\"https://go.dev/doc/go1.26\"\u003eGo 1.26 release notes\u003c/a\u003e for more information.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for \u003ccode\u003ewith { type: 'text' }\u003c/code\u003e imports (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4435\"\u003e#4435\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/tc39/proposal-import-text\"\u003eimport text\u003c/a\u003e proposal has reached stage 3 in the TC39 process, which means that it's recommended for implementation. It has also already been implemented by \u003ca href=\"https://docs.deno.com/examples/importing_text/\"\u003eDeno\u003c/a\u003e and \u003ca href=\"https://bun.com/docs/guides/runtime/import-html\"\u003eBun\u003c/a\u003e. So with this release, esbuild also adds support for it. This behaves exactly the same as esbuild's existing \u003ca href=\"https://esbuild.github.io/content-types/#text\"\u003e\u003ccode\u003etext\u003c/code\u003e loader\u003c/a\u003e. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport string from './example.txt' with { type: 'text' }\nconsole.log(string)\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to fallback download path (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4343\"\u003e#4343\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eInstalling esbuild via npm is somewhat complicated with several different edge cases (see \u003ca href=\"https://esbuild.github.io/getting-started/#additional-npm-flags\"\u003eesbuild's documentation\u003c/a\u003e for details). If the regular installation of esbuild's platform-specific package fails, esbuild's install script attempts to download the platform-specific package itself (first with the \u003ccode\u003enpm\u003c/code\u003e command, and then with a HTTP request to \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e as a last resort).\u003c/p\u003e\n\u003cp\u003eThis last resort path previously didn't have any integrity checks. With this release, esbuild will now verify that the hash of the downloaded binary matches the expected hash for the current release. This means the hashes for all of esbuild's platform-specific binary packages will now be embedded in the top-level \u003ccode\u003eesbuild\u003c/code\u003e package. Hopefully this should work without any problems. But just in case, this change is being done as a breaking change release.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the Go compiler from 1.25.7 to 1.26.1\u003c/p\u003e\n\u003cp\u003eThis upgrade should not affect anything. However, there have been some significant internal changes to the Go compiler, so esbuild could potentially behave differently in certain edge cases:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIt now uses the \u003ca href=\"https://go.dev/doc/go1.26#new-garbage-collector\"\u003enew garbage collector\u003c/a\u003e that comes with Go 1.26.\u003c/li\u003e\n\u003cli\u003eThe Go compiler is now more aggressive with allocating memory on the stack.\u003c/li\u003e\n\u003cli\u003eThe executable format that the Go linker uses has undergone several changes.\u003c/li\u003e\n\u003cli\u003eThe WebAssembly build now unconditionally makes use of the sign extension and non-trapping floating-point to integer conversion instructions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eYou can read the \u003ca href=\"https://go.dev/doc/go1.26\"\u003eGo 1.26 release notes\u003c/a\u003e for more information.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/6a794dff68e6a43539f6da671e3080efdf11ca70\"\u003e\u003ccode\u003e6a794df\u003c/code\u003e\u003c/a\u003e publish 0.28.0 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/64ee0ea63b2ff303caafc9610c388dc72c882c23\"\u003e\u003ccode\u003e64ee0ea\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4435\"\u003e#4435\u003c/a\u003e: support \u003ccode\u003ewith { type: text }\u003c/code\u003e imports\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/ef65aeeaacdb71eade186f888975b1de89574314\"\u003e\u003ccode\u003eef65aee\u003c/code\u003e\u003c/a\u003e fix sort order in \u003ccode\u003esnapshots_packagejson.txt\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1a26a8ecbc39aaf1379c524a0274a08fbcbed655\"\u003e\u003ccode\u003e1a26a8e\u003c/code\u003e\u003c/a\u003e try to fix \u003ccode\u003etest-old-ts\u003c/code\u003e, also shuffle CI tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/556ce6c1fc00d7c0917fbfada01ed8e5251bc510\"\u003e\u003ccode\u003e556ce6c\u003c/code\u003e\u003c/a\u003e use \u003ccode\u003e''\u003c/code\u003e instead of \u003ccode\u003enull\u003c/code\u003e to omit build hashes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8e675a81a473ea69a46a69792f1386bb110dd877\"\u003e\u003ccode\u003e8e675a8\u003c/code\u003e\u003c/a\u003e ci: allow missing binary hashes for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/7067763b904fe8a522fa840a4a48c5fbd4c395e0\"\u003e\u003ccode\u003e7067763\u003c/code\u003e\u003c/a\u003e Reapply \u0026quot;update go 1.25.7 =\u0026gt; 1.26.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/39473a952ab3b450d0578b698a8b8d2a02332e0d\"\u003e\u003ccode\u003e39473a9\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4343\"\u003e#4343\u003c/a\u003e: integrity check for binary download\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.27.7...v0.28.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.1.4 to 4.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7e86d6e2bf581f074dc216805d10d371\"\u003e\u003ccode\u003e0e0ff41\u003c/code\u003e\u003c/a\u003e feat(coverage): istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10119\"\u003e#10119\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3e6a60fc8a7ccd2d9941d1cbe929b606\"\u003e\u003ccode\u003e663b99f\u003c/code\u003e\u003c/a\u003e fix: alias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10157\"\u003e#10157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b157ffd31b376561b16ab983aa23e7bc\"\u003e\u003ccode\u003e122c25b\u003c/code\u003e\u003c/a\u003e fix: fix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10163\"\u003e#10163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7219156893dd13a1dbe86501d5542d2e\"\u003e\u003ccode\u003e6abd557\u003c/code\u003e\u003c/a\u003e feat(api): make test-specification options writable (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10154\"\u003e#10154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986abe2161a9a06f0ca03df68e82690b21\"\u003e\u003ccode\u003e596f739\u003c/code\u003e\u003c/a\u003e fix: project color label on html reporter (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10142\"\u003e#10142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc0841e97b6dcac8a73cdb8e656b3d6ba909\"\u003e\u003ccode\u003e9423dc0\u003c/code\u003e\u003c/a\u003e fix: --project negation excludes browser instances (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10131\"\u003e#10131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.5/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.8.0 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003erepeat-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/3102\"\u003elucide-icons/lucide#3102\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.13.0...1.14.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.13.0...1.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(docs): sync URL params with UI state on categories page by \u003ca href=\"https://github.com/taimar\"\u003e\u003ccode\u003e@​taimar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4111\"\u003elucide-icons/lucide#4111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003ewaves-vertical\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/3867\"\u003elucide-icons/lucide#3867\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.12.0...1.13.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.12.0...1.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.12.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(icon): add folder-bookmark icon by \u003ca href=\"https://github.com/swastik7805\"\u003e\u003ccode\u003e@​swastik7805\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4262\"\u003elucide-icons/lucide#4262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): Update readme files by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4320\"\u003elucide-icons/lucide#4320\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eastroid\u003c/code\u003e icon by \u003ca href=\"https://github.com/whoisBugsbunny\"\u003e\u003ccode\u003e@​whoisBugsbunny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4217\"\u003elucide-icons/lucide#4217\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.10.0...1.12.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.10.0...1.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.11.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add missing period to TypeScript Support description by \u003ca href=\"https://github.com/jglu\"\u003e\u003ccode\u003e@​jglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4309\"\u003elucide-icons/lucide#4309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(\u003ccode\u003e@​lucide/svelte\u003c/code\u003e): proper doc comments for svelte components by \u003ca href=\"https://github.com/blt-r\"\u003e\u003ccode\u003e@​blt-r\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4267\"\u003elucide-icons/lucide#4267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump svgo from 3.3.2 to 3.3.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4119\"\u003elucide-icons/lucide#4119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump astro from 6.0.8 to 6.1.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4310\"\u003elucide-icons/lucide#4310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add power and quick tags to zap and zap-off by \u003ca href=\"https://github.com/swastik7805\"\u003e\u003ccode\u003e@​swastik7805\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4268\"\u003elucide-icons/lucide#4268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(build-font): added comprehensive unit tests on build-font tool by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4315\"\u003elucide-icons/lucide#4315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(docs): blur background of framework-select by \u003ca href=\"https://github.com/Spleefies\"\u003e\u003ccode\u003e@​Spleefies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4238\"\u003elucide-icons/lucide#4238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icon): add heart-x icon  by \u003ca href=\"https://github.com/swastik7805\"\u003e\u003ccode\u003e@​swastik7805\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4264\"\u003elucide-icons/lucide#4264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): optimised \u003ccode\u003erotate-3d\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4299\"\u003elucide-icons/lucide#4299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003elayers-minus\u003c/code\u003e icon by \u003ca href=\"https://github.com/Spleefies\"\u003e\u003ccode\u003e@​Spleefies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4005\"\u003elucide-icons/lucide#4005\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003ebell-check\u003c/code\u003e icon by \u003ca href=\"https://github.com/pettelau\"\u003e\u003ccode\u003e@​pettelau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4152\"\u003elucide-icons/lucide#4152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jglu\"\u003e\u003ccode\u003e@​jglu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4309\"\u003elucide-icons/lucide#4309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pettelau\"\u003e\u003ccode\u003e@​pettelau\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4152\"\u003elucide-icons/lucide#4152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.9.0...1.11.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.9.0...1.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add missing period to TypeScript Support description by \u003ca href=\"https://github.com/jglu\"\u003e\u003ccode\u003e@​jglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4309\"\u003elucide-icons/lucide#4309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(\u003ccode\u003e@​lucide/svelte\u003c/code\u003e): proper doc comments for svelte components by \u003ca href=\"https://github.com/blt-r\"\u003e\u003ccode\u003e@​blt-r\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4267\"\u003elucide-icons/lucide#4267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump svgo from 3.3.2 to 3.3.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4119\"\u003elucide-icons/lucide#4119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump astro from 6.0.8 to 6.1.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4310\"\u003elucide-icons/lucide#4310\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/50d8af5a1012e188f3d71ac8f1fc0fba1aab5357\"\u003e\u003ccode\u003e50d8af5\u003c/code\u003e\u003c/a\u003e docs(readme): Update readme files (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4320\"\u003e#4320\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/653e44b83293567ff24dcb90ca1094a9cf0a042a\"\u003e\u003ccode\u003e653e44b\u003c/code\u003e\u003c/a\u003e feat(packages): use .mjs for ESM bundles (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4285\"\u003e#4285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.14.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.5 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.5 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-hook-form` from 7.72.1 to 7.75.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/react-hook-form/releases\"\u003ereact-hook-form's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 7.75.0\u003c/h2\u003e\n\u003cp\u003e🦧 feat: improve get dirty fields prune empty fields (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13363\"\u003e#13363\u003c/a\u003e)\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003e+ dirtyFields: { test: [{ data: false }] }\r\n- dirtyFields: {} // removed the empty node with false value\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e🎹 typescript 6.0 (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13330\"\u003e#13330\u003c/a\u003e)\n🌡️ chore: minor improvement on setValue \u0026amp; reset (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13366\"\u003e#13366\u003c/a\u003e)\n🐞 fix \u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13403\"\u003e#13403\u003c/a\u003e: include setValues in FormProvider context value (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13404\"\u003e#13404\u003c/a\u003e)\n🐞 fix: recompute isDirty after re-registering a previously unregistered field (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13399\"\u003e#13399\u003c/a\u003e)\n🐞 fix: preserve watch updates on field array unmount fixes \u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13375\"\u003e#13375\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13385\"\u003e#13385\u003c/a\u003e)\n🐞 fix: prevent useWatch re-render when unrelated field validation is … (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13398\"\u003e#13398\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ethanks to \u003ca href=\"https://github.com/dfedoryshchev\"\u003e\u003ccode\u003e@​dfedoryshchev\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cyky\"\u003e\u003ccode\u003e@​cyky\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/gkarabelos\"\u003e\u003ccode\u003e@​gkarabelos\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 7.74.0\u003c/h2\u003e\n\u003cp\u003e🪇 feat: setValues (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13201\"\u003e#13201\u003c/a\u003e)\u003c/p\u003e\n\u003cpre lang=\"tsx\"\u003e\u003ccode\u003esetValues((data) =\u0026gt; {\r\n  return {\r\n    ...data,\r\n    name: 'test'\r\n  }\r\n})\r\n\u003cp\u003esetValues(formValues);\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e🐞 fix: preserve previous field value when useController name changes (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13395\"\u003e#13395\u003c/a\u003e)\n🐞 fix: handle null parent when unregistering nested field (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13396\"\u003e#13396\u003c/a\u003e)\n🐞 fix: treat NaN as empty when valueAsNumber is true in validateField (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13388\"\u003e#13388\u003c/a\u003e)\n🪢 fix build to exclude test files (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13387\"\u003e#13387\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ethanks to \u003ca href=\"https://github.com/Yihao-G\"\u003e\u003ccode\u003e@​Yihao-G\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://githu...\n\n_Description has been truncated_","html_url":"https://github.com/t3rr11/Requesto/pull/68","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3rr11%2FRequesto/issues/68","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/68/packages"},{"uuid":"4395476989","node_id":"PR_kwDOPrXVTc7Y-crU","number":94,"state":"open","title":"Bump the npm_and_yarn group across 12 directories with 18 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-07T01:21:52.000Z","updated_at":"2026-05-07T01:29:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":18,"packages":[{"name":"axios","old_version":"1.8.3","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.11.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fastify","old_version":"5.4.0","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"6.9.9","new_version":"8.0.7","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"6.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"5.7.2","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@supabase/auth-js","old_version":"2.69.1","new_version":"2.105.3","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.5.6","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.8.3` | `1.16.0` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.16.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.4.0` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `6.9.9` | `8.0.7` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.5` | `6.4.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.7.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.2.0` | `9.1.3` |\n| [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js) | `2.69.1` | `2.105.3` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.5.6` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-ses directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sns directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sqs directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/clarifai directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/contentful directory: [axios](https://github.com/axios/axios) and [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/image-helper directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/mailchain directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [lodash](https://github.com/lodash/lodash) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pdf directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/scrapeless directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp), [picomatch](https://github.com/micromatch/picomatch) and [ip-address](https://github.com/beaugunderson/ip-address).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/shared directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/worker directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\n\nUpdates `axios` from 1.8.3 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.4.0 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"ht...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 18 npm packages across 12 directories, including major updates to axios (1.8.3→1.16.0), fastify (5.4.0→5.8.5), and nodemailer (6.9.9→8.0.7), along with security fixes and performance improvements across the dependency tree.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Core Dependencies**: Major version updates to axios (1.8.3→1.16.0), fastify (5.4.0→5.8.5), and nodemailer (6.9.9→8.0.7)\n- **AWS SDK Updates**: Unified AWS SDK packages to version 3.1044.0 across S3, SES, SNS, and SQS services\n- **Security Patches**: Updates include fixes for basic-ftp (5.0.5→5.3.1) addressing multiple CVEs and fastify security patches\n- **Development Tools**: Build tool updates including vite (6.3.5→6.4.2) and postcss (8.4.38→8.5.10)\n- **Community Packages**: Lock file updates across multiple community piece packages with dependency version bumps\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 18 Outdated Packages]\n    B --\u003e C[Core Dependencies]\n    B --\u003e D[AWS SDK Packages]\n    B --\u003e E[Community Pieces]\n    B --\u003e F[Dev Dependencies]\n    \n    C --\u003e C1[axios 1.8.3→1.16.0]\n    C --\u003e C2[fastify 5.4.0→5.8.5]\n    C --\u003e C3[nodemailer 6.9.9→8.0.7]\n    \n    D --\u003e D1[Unify to 3.1044.0]\n    D --\u003e D2[S3, SES, SNS, SQS]\n    \n    E --\u003e E1[Lock File Updates]\n    E --\u003e E2[Transitive Dependencies]\n    \n    F --\u003e F1[vite 6.3.5→6.4.2]\n    F --\u003e F2[postcss 8.4.38→8.5.10]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs in basic-ftp and includes security patches in fastify and axios\n- **Performance Improvements**: Axios 1.16.0 includes HTTP adapter optimizations, fetch adapter improvements, and better error handling\n- **API Consistency**: AWS SDK version unification ensures consistent behavior across all AWS service integrations\n- **Developer Experience**: Updated build tools (vite, postcss) provide better development performance and modern features\n- **Maintenance**: Automated dependency management reduces technical debt and keeps the project current with upstream fixes\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/activepieces/pull/94","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Factivepieces/issues/94","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/94/packages"},{"uuid":"4395017637","node_id":"PR_kwDOPzvG_M7Y8_qp","number":91,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 13 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-06T23:08:23.000Z","updated_at":"2026-05-06T23:11:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"axios","old_version":"1.8.3","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.11.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fastify","old_version":"5.4.0","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"6.9.9","new_version":"8.0.7","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"6.3.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"5.7.2","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@supabase/auth-js","old_version":"2.69.1","new_version":"2.105.3","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.5.6","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.8.3` | `1.16.0` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.16.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.4.0` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `6.9.9` | `8.0.7` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.6` | `6.4.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.7.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.2.0` | `9.1.3` |\n| [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js) | `2.69.1` | `2.105.3` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.5.6` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-ses directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sns directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sqs directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/clarifai directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/contentful directory: [axios](https://github.com/axios/axios) and [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/image-helper directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/jira-cloud directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/mailchain directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [lodash](https://github.com/lodash/lodash) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pdf directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/scrapeless directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp) and [ip-address](https://github.com/beaugunderson/ip-address).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/shared directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/worker directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\n\nUpdates `axios` from 1.8.3 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.4.0 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull...\n\n_Description has been truncated_","html_url":"https://github.com/UniversalStandards/activepieces/pull/91","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/UniversalStandards%2Factivepieces/issues/91","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/91/packages"}],"issue_packages":[{"old_version":"9.1.1","new_version":"9.1.3","update_type":"patch","path":null,"pr_created_at":"2026-06-15T15:27:40.000Z","version_change":"9.1.1 → 9.1.3","issue":{"uuid":"4666489095","node_id":"PR_kwDORLmYbs7mm42w","number":308,"state":"open","title":"chore(deps): bump the minor-and-patch group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T15:27:40.000Z","updated_at":"2026-06-15T15:29:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":11,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@asyncapi/cli","old_version":"6.0.0","new_version":"6.0.2","repository_url":"https://github.com/asyncapi/cli"},{"name":"@playwright/test","old_version":"1.59.1","new_version":"1.61.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@types/node","old_version":"25.6.0","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@types/vscode","old_version":"1.116.0","new_version":"1.120.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"eslint","old_version":"10.2.0","new_version":"10.5.0","repository_url":"https://github.com/eslint/eslint"},{"name":"knip","old_version":"6.4.1","new_version":"6.16.1","repository_url":"https://github.com/webpro-nl/knip"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"typescript-eslint","old_version":"8.58.2","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [@asyncapi/cli](https://github.com/asyncapi/cli) | `6.0.0` | `6.0.2` |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.61.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.3` |\n| [@types/vscode](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/vscode) | `1.116.0` | `1.120.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.28.0` | `0.28.1` |\n| [eslint](https://github.com/eslint/eslint) | `10.2.0` | `10.5.0` |\n| [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) | `6.4.1` | `6.16.1` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.58.2` | `8.61.0` |\n\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@asyncapi/cli` from 6.0.0 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/asyncapi/cli/releases\"\u003e@​asyncapi/cli's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec3a77ba: fix: skip request body validation gracefully instead of throwing error for unsupported paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ee6e6c95: Fix GitHub URL parsing for branches with slashes and file extension detection for multi-dot filenames\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/asyncapi/cli/blob/master/CHANGELOG.md\"\u003e@​asyncapi/cli's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec3a77ba: fix: skip request body validation gracefully instead of throwing error for unsupported paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ee6e6c95: Fix GitHub URL parsing for branches with slashes and file extension detection for multi-dot filenames\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/fb73ff3a429c1bc6a14c1b89f12601288677b9fa\"\u003e\u003ccode\u003efb73ff3\u003c/code\u003e\u003c/a\u003e chore(release): release and bump versions of packages (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2234\"\u003e#2234\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/c3a77ba3dbc5ebaa5732a3e50da1ce7f9aed9bcd\"\u003e\u003ccode\u003ec3a77ba\u003c/code\u003e\u003c/a\u003e fix: request body validation is skipped for some paths or HTTP methods (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2205\"\u003e#2205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/6cc220f1be6e883d4a1995570d0cb43f7fc60a4f\"\u003e\u003ccode\u003e6cc220f\u003c/code\u003e\u003c/a\u003e chore(release): release and bump versions of packages (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2233\"\u003e#2233\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/204343d08e0a3429bf4dc71c27eaa3f83c4bb36e\"\u003e\u003ccode\u003e204343d\u003c/code\u003e\u003c/a\u003e chore(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.6.0 to 1.9.1 in /.github/workflows/scr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/14a66dbf247e703c1864a7a24630a83c98d5afa5\"\u003e\u003ccode\u003e14a66db\u003c/code\u003e\u003c/a\u003e chore(deps): bump path-to-regexp from 8.3.0 to 8.4.2 (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2100\"\u003e#2100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/e6e6c95292b677f310daaa8eb903953b6508cbbd\"\u003e\u003ccode\u003ee6e6c95\u003c/code\u003e\u003c/a\u003e fix: cli fails when with slash-based branches  (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2216\"\u003e#2216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/52361266e7a31ce292dc036b1487d442f5fbf4c8\"\u003e\u003ccode\u003e5236126\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2232\"\u003e#2232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/68ecaca24ea80c044c1e49083ecd76e609f089ce\"\u003e\u003ccode\u003e68ecaca\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/ca8a24e22cb8c6f508d2ad705f422094bb754af5\"\u003e\u003ccode\u003eca8a24e\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2230\"\u003e#2230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asyncapi/cli/commit/1142aa58f3af9582c45edbbb7faf2e7fdbb7e2b0\"\u003e\u003ccode\u003e1142aa5\u003c/code\u003e\u003c/a\u003e ci: update of files from global .github repo (\u003ca href=\"https://redirect.github.com/asyncapi/cli/issues/2220\"\u003e#2220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/asyncapi/cli/compare/v6.0.0...v6.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@playwright/test` from 1.59.1 to 1.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.61.0\u003c/h2\u003e\n\u003ch2\u003e🔑 WebAuthn passkeys\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-credentials\"\u003eCredentials\u003c/a\u003e virtual authenticator, available via \u003ca href=\"https://playwright.dev/docs/api/class-browsercontext#browser-context-credentials\"\u003ebrowserContext.credentials\u003c/a\u003e, lets tests register passkeys and answer \u003ccode\u003enavigator.credentials.create()\u003c/code\u003e / \u003ccode\u003enavigator.credentials.get()\u003c/code\u003e ceremonies in the page — no real hardware key required, works in all browsers:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003econst context = await browser.newContext();\r\n\u003cp\u003e// Seed a passkey your backend provisioned for a test user.\u003cbr /\u003e\nawait context.credentials.create('example.com', {\u003cbr /\u003e\nid: credentialId,\u003cbr /\u003e\nuserHandle,\u003cbr /\u003e\nprivateKey,\u003cbr /\u003e\npublicKey,\u003cbr /\u003e\n});\u003cbr /\u003e\nawait context.credentials.install();\u003c/p\u003e\n\u003cp\u003econst page = await context.newPage();\u003cbr /\u003e\nawait page.goto('\u003ca href=\"https://example.com/login\"\u003ehttps://example.com/login\u003c/a\u003e');\u003cbr /\u003e\n// The page's navigator.credentials.get() is answered with the seeded passkey.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eYou can also let the app register a passkey once in a setup test, read it back with \u003ca href=\"https://playwright.dev/docs/api/class-credentials#credentials-get\"\u003ecredentials.get()\u003c/a\u003e, and seed it into later tests — see \u003ca href=\"https://playwright.dev/docs/api/class-credentials\"\u003eCredentials\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e🗃️ Web Storage\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-webstorage\"\u003eWebStorage\u003c/a\u003e API, available via \u003ca href=\"https://playwright.dev/docs/api/class-page#page-local-storage\"\u003epage.localStorage\u003c/a\u003e and \u003ca href=\"https://playwright.dev/docs/api/class-page#page-session-storage\"\u003epage.sessionStorage\u003c/a\u003e, reads and writes the page's storage for the current origin:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.localStorage.setItem('token', 'abc');\r\nconst token = await page.localStorage.getItem('token');\r\nconst items = await page.sessionStorage.items();\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eNetwork\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-apiresponse#api-response-security-details\"\u003eapiResponse.securityDetails()\u003c/a\u003e and \u003ca href=\"https://playwright.dev/docs/api/class-apiresponse#api-response-server-addr\"\u003eapiResponse.serverAddr()\u003c/a\u003e mirror the browser-side \u003ca href=\"https://playwright.dev/docs/api/class-response#response-security-details\"\u003eresponse.securityDetails()\u003c/a\u003e and \u003ca href=\"https://playwright.dev/docs/api/class-response#response-server-addr\"\u003eresponse.serverAddr()\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBrowser and Screencast\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew option \u003ccode\u003eartifactsDir\u003c/code\u003e in \u003ca href=\"https://playwright.dev/docs/api/class-browsertype#browser-type-connect-over-cdp\"\u003ebrowserType.connectOverCDP()\u003c/a\u003e controls where artifacts such as traces and downloads are stored when attached to an existing browser.\u003c/li\u003e\n\u003cli\u003eNew option \u003ccode\u003ecursor\u003c/code\u003e in \u003ca href=\"https://playwright.dev/docs/api/class-screencast#screencast-show-actions\"\u003escreencast.showActions()\u003c/a\u003e controls the cursor decoration rendered for pointer actions.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eonFrame\u003c/code\u003e callback in \u003ca href=\"https://playwright.dev/docs/api/class-screencast#screencast-start\"\u003escreencast.start()\u003c/a\u003e now receives a \u003ccode\u003etimestamp\u003c/code\u003e of when the frame was presented by the browser.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTest runner\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca href=\"https://playwright.dev/docs/api/class-testoptions#test-options-video\"\u003etestOptions.video\u003c/a\u003e option now supports the same set of modes as \u003ccode\u003etrace\u003c/code\u003e: new \u003ccode\u003e'on-all-retries'\u003c/code\u003e, \u003ccode\u003e'retain-on-first-failure'\u003c/code\u003e and \u003ccode\u003e'retain-on-failure-and-retries'\u003c/code\u003e values. See the \u003ca href=\"https://playwright.dev/docs/test-use-options#video-modes\"\u003evideo modes table\u003c/a\u003e for which runs are recorded and kept in each mode.\u003c/li\u003e\n\u003cli\u003eSupported \u003ccode\u003eexpect.soft.poll(...)\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-fullconfig#full-config-argv\"\u003efullConfig.argv\u003c/a\u003e — a snapshot of \u003ccode\u003eprocess.argv\u003c/code\u003e from the runner process, handy for reading custom arguments passed after the \u003ccode\u003e--\u003c/code\u003e separator.\u003c/li\u003e\n\u003cli\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-fullconfig#full-config-fail-on-flaky-tests\"\u003efullConfig.failOnFlakyTests\u003c/a\u003e mirrors the config option, so reporters can explain why a flaky run failed.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-testinfo#test-info-errors\"\u003etestInfo.errors\u003c/a\u003e now lists each sub-error of an \u003ccode\u003eAggregateError\u003c/code\u003e as a separate entry.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/1cc5a90cfa3eaa430b1a991963100f95126caa47\"\u003e\u003ccode\u003e1cc5a90\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41295\"\u003e#41295\u003c/a\u003e): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/a6772bdede34028cbbd417a3b3d778801899e870\"\u003e\u003ccode\u003ea6772bd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41280\"\u003e#41280\u003c/a\u003e): Revert \u0026quot;fix(trace-viewer): add keyboard navigation to `N...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/8133dcf97d52818d36022ed37797a616ff6cb934\"\u003e\u003ccode\u003e8133dcf\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41283\"\u003e#41283\u003c/a\u003e): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/812432e070afec9e44d22e95915f975965b7d5b7\"\u003e\u003ccode\u003e812432e\u003c/code\u003e\u003c/a\u003e chore: mark v1.61.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41277\"\u003e#41277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ac05145c8d9eb1303c8f3bfd4d860b6d1ca261ae\"\u003e\u003ccode\u003eac05145\u003c/code\u003e\u003c/a\u003e fix(fetch): report serverAddr and securityDetails for reused sockets (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41267\"\u003e#41267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/056efc9f5c0a870d0944e53a835d6283a77f200f\"\u003e\u003ccode\u003e056efc9\u003c/code\u003e\u003c/a\u003e fix(trace-viewer): add keyboard navigation to \u003ccode\u003eNetworkFilters\u003c/code\u003e component (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41\"\u003e#41\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/41f7b9a0db0d1ada12ff0d9244393eea8f81b796\"\u003e\u003ccode\u003e41f7b9a\u003c/code\u003e\u003c/a\u003e chore: fixes uncovered by the .NET 1.61 roll (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41266\"\u003e#41266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ba507783ae48724a1882f6423d8e8ec208bf366a\"\u003e\u003ccode\u003eba50778\u003c/code\u003e\u003c/a\u003e fix(mcp): assign caps as array for legacy --vision flag (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41253\"\u003e#41253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/b8ee5ae27fd068e3744852209dfcb5c1a142909f\"\u003e\u003ccode\u003eb8ee5ae\u003c/code\u003e\u003c/a\u003e docs: release notes for v1.61 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41261\"\u003e#41261\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/49c1f694c9bc06c9d1f6966afe8b6dfd4f388b3e\"\u003e\u003ccode\u003e49c1f69\u003c/code\u003e\u003c/a\u003e fix(trace viewer): load trace from a local file (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/41263\"\u003e#41263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.59.1...v1.61.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.6.0 to 25.9.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/vscode` from 1.116.0 to 1.120.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/vscode\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.2.0 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.5.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101\"\u003e\u003ccode\u003ebdb496c\u003c/code\u003e\u003c/a\u003e feat: correct max-depth handling for else-if chains (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20944\"\u003e#20944\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953\"\u003e\u003ccode\u003ec296873\u003c/code\u003e\u003c/a\u003e feat: update error loc in \u003ccode\u003emax-statements\u003c/code\u003e to function header (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20907\"\u003e#20907\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4\"\u003e\u003ccode\u003ef99b47a\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc\"\u003e\u003ccode\u003eacf03d4\u003c/code\u003e\u003c/a\u003e docs: clarify precedence of parserOptions over languageOptions (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20926\"\u003e#20926\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d\"\u003e\u003ccode\u003ec2d1444\u003c/code\u003e\u003c/a\u003e refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20951\"\u003e#20951\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9\"\u003e\u003ccode\u003e243b8c5\u003c/code\u003e\u003c/a\u003e chore: enhance config-rule to support oneOf, anyOf, and nested schemas (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20788\"\u003e#20788\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b\"\u003e\u003ccode\u003e217b2a9\u003c/code\u003e\u003c/a\u003e test: add unit tests for ParserService (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20949\"\u003e#20949\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9\"\u003e\u003ccode\u003e72003e7\u003c/code\u003e\u003c/a\u003e test: add location information to error messages in \u003ccode\u003emax-statements\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20945\"\u003e#20945\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1\"\u003e\u003ccode\u003e7797c26\u003c/code\u003e\u003c/a\u003e refactor: deduplicate isAnySegmentReachable across rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20890\"\u003e#20890\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257\"\u003e\u003ccode\u003e67c46fa\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20938\"\u003e#20938\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29\"\u003e\u003ccode\u003e95d8c7a\u003c/code\u003e\u003c/a\u003e chore: update dependency \u003ccode\u003e@​eslint/json\u003c/code\u003e to v2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20934\"\u003e#20934\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c\"\u003e\u003ccode\u003ecf9e496\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e to 0.18.3 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20933\"\u003e#20933\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c\"\u003e\u003ccode\u003efb6d396\u003c/code\u003e\u003c/a\u003e test: run type tests with TypeScript 7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20868\"\u003e#20868\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145\"\u003e\u003ccode\u003ede3b672\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040\"\u003e\u003ccode\u003e362a518\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.2.0...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `knip` from 6.4.1 to 6.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpro-nl/knip/releases\"\u003eknip's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 6.16.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eResolve SvelteKit ./$types in monorepos (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1778\"\u003e#1778\u003c/a\u003e) (370ef4cefec6540ee7d58249cc402f479ec76405)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.16.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate sponsors data + fix sponsors layout on narrow screen (fadf13aad5ebc36f7bc2fbc7615bfa77681d3660)\u003c/li\u003e\n\u003cli\u003eDetect binaries and entry files in node:child_process calls (fc3598cfac640a2ae53b0113883574bf15bc5d47)\u003c/li\u003e\n\u003cli\u003eIt works™ (2d9ce845121484ef3ff84e4a761cfd98891d6c09)\u003c/li\u003e\n\u003cli\u003eExtend known issues doc w/ workaround (close \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1763\"\u003e#1763\u003c/a\u003e) (fcd444bf4c6b2ddc5d7bb0ebfd6f3991cf5d0be2)\u003c/li\u003e\n\u003cli\u003eSupport ignoreExportsUsedInFile per workspace (close \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1495\"\u003e#1495\u003c/a\u003e) (4b898a971105d865d86d4dc81bc694721bff8793)\u003c/li\u003e\n\u003cli\u003efeat(vscode): add \u003ccode\u003eworkspaceRoot\u003c/code\u003e config option to enable use in a VSCode workspace that does not have package.json at the workspace root (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1667\"\u003e#1667\u003c/a\u003e) (7c1ebef6ab6d1c5a7f2f920d4243241246b53f4b) - thanks \u003ca href=\"https://github.com/anmilleriii\"\u003e\u003ccode\u003e@​anmilleriii\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReplace minimist with node:util.parseArgs (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1492\"\u003e#1492\u003c/a\u003e) (b360c5ce1acfbb2cbd5f4e92ecca6c9b461ae094)\u003c/li\u003e\n\u003cli\u003ePreserve minimist numeric coercion and --no-x negation (c12153ce0601378354421e454a6b6bbab74ae9fb)\u003c/li\u003e\n\u003cli\u003eSimplify parseArgs adapter (ba15e413be7515620e4224b21483a1a87659dc34)\u003c/li\u003e\n\u003cli\u003eDetect and credit registered custom elements (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1394\"\u003e#1394\u003c/a\u003e) (62dcda5fa46ccf6bdd94175b725fd38678049319)\u003c/li\u003e\n\u003cli\u003eAdd Lit and FAST plugins to detect \u003ca href=\"https://github.com/customElement\"\u003e\u003ccode\u003e@​customElement\u003c/code\u003e\u003c/a\u003e classes (348d2c9decf09bb61ab47477bc6cc57e4b089ec3)\u003c/li\u003e\n\u003cli\u003eAdd new testimonials (77fd7ed7dffaccfa8bc024105fe81dbe09b70671)\u003c/li\u003e\n\u003cli\u003eScope custom path aliases per workspace (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1775\"\u003e#1775\u003c/a\u003e) (d908099b52e4fd93b7947bafecbabeddfc7847f3)\u003c/li\u003e\n\u003cli\u003eRestructure tests (ec4c77941d42aef54bed9e4dd1cae8e8784aa147)\u003c/li\u003e\n\u003cli\u003eSimplify boolean check in parseArgs adapter (ba6865de03785eb49b2adf833f7f769eece78d49)\u003c/li\u003e\n\u003cli\u003eScope static custom-element define detection to the FAST plugin (94632cddd15f75eadd204cb480b3df6c1f2a842d)\u003c/li\u003e\n\u003cli\u003eAdd Custom Elements feature docs page (230bd734652f3a269b70da09cd26ac7e80a210cd)\u003c/li\u003e\n\u003cli\u003eUpdate known-issues.md (f1f4c1bceef9a6575d7b31cc1340538ea894f824)\u003c/li\u003e\n\u003cli\u003eFix crash on backtick string literals in plugin config (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e) (f1adc7fbd68fc52a89a4d2a4d6b17d905d051de7)\u003c/li\u003e\n\u003cli\u003eFormat (e4720cab435be48e1a40afa8c548e21bdb74b14e)\u003c/li\u003e\n\u003cli\u003eFix backtick string literals in require() and plugin-name config arrays (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e) (d14eb053331daaaeaec89c3c8e04cfeeba7580af)\u003c/li\u003e\n\u003cli\u003eCredit custom elements via aliases, scoped registries, and static blocks (d7cbe12bd904f65b20016bdd2dfd4a5d7c5c1524)\u003c/li\u003e\n\u003cli\u003eImprove Stencil plugin: credit \u003ca href=\"https://github.com/Component\"\u003e\u003ccode\u003e@​Component\u003c/code\u003e\u003c/a\u003e and recognize test files (152d73052f87f29b348abbab90e117cfb97dd69b)\u003c/li\u003e\n\u003cli\u003eAdd Catalyst plugin to credit bare \u003ca href=\"https://github.com/controller\"\u003e\u003ccode\u003e@​controller\u003c/code\u003e\u003c/a\u003e custom elements (8a37f8c25b03cd4e55bd18ba822906be35fcd97b)\u003c/li\u003e\n\u003cli\u003eDocument Stencil, Catalyst, static-block custom el reg. (105fba3a829f1cf4cf871035dbc9c170b0de7bc1)\u003c/li\u003e\n\u003cli\u003eAuto-format md (f4fcf4e1c6a399d761151fc367125416e7741675)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReport exported type used only in inferred-return function body (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1765\"\u003e#1765\u003c/a\u003e) (2413408753f7abc7a9dfdba520990afd18c53ee0)\u003c/li\u003e\n\u003cli\u003eWork that EXPORTS.md again (7e13451fab7ad85362fb63a4715ea450690aedef)\u003c/li\u003e\n\u003cli\u003eUpdate npmx ecosystem snapshot (dfc401145a880f156c66eb83ea1622a99540304a)\u003c/li\u003e\n\u003cli\u003eLink \u003ccode\u003edependencies\u003c/code\u003e key with notes (closes \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1764\"\u003e#1764\u003c/a\u003e) (e3e66cea9e946558940bf8705129efea3f23b3ba)\u003c/li\u003e\n\u003cli\u003eResolve tsconfig paths when loading plugin configs (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1762\"\u003e#1762\u003c/a\u003e) (0177c7466559e2ae99b5e1cd1e3a8043ca494edc) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eAvoid caching failed plugin config loads (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1768\"\u003e#1768\u003c/a\u003e) (5e201cde9b1ba2568ead2ae790ab888c966828ae) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eResolve extensionless .sass imports in SCSS compiler (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1770\"\u003e#1770\u003c/a\u003e) (30c22835383b2355787cc2a871b22de80ff75544) - thanks \u003ca href=\"https://github.com/sebacardello\"\u003e\u003ccode\u003e@​sebacardello\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003efix(vite): detect inline module script entry points in index.html (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1772\"\u003e#1772\u003c/a\u003e) (51f4eddc9e1b2fed1ba25e81fc596e9fb514ce01) - thanks \u003ca href=\"https://github.com/lucas-spin\"\u003e\u003ccode\u003e@​lucas-spin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eHarden vite inline module script import detection (b8abcfd2f4f5486aea08a934514bc55de86be030)\u003c/li\u003e\n\u003cli\u003eUse RecordableHistogram for timerified function stats (d575c6905704af1b0b4620edd874fc09bc86ed28)\u003c/li\u003e\n\u003cli\u003eAdd orval plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1751\"\u003e#1751\u003c/a\u003e) (4c82aa82c2a02fbda27a316389f210d11621f8cb)\u003c/li\u003e\n\u003cli\u003eAdd treatTagHintsAsErrors and --no-tag-hints (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1767\"\u003e#1767\u003c/a\u003e) (4b6a573e0c1e0daf65c76c32f7336ea71db6bb64)\u003c/li\u003e\n\u003cli\u003eAdd nano-spawn plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1769\"\u003e#1769\u003c/a\u003e) (b2cad06dfd9958485537c5545c6c497fc8823ac3)\u003c/li\u003e\n\u003cli\u003eSimplify glob cache validation and ignore-list assembly (df1a9603a5ea8ed7bad9588bf13672cedf37c90e)\u003c/li\u003e\n\u003cli\u003eDedupe ignore-pattern collection and dependency fixing (d49b626ad6736d7123d44568ef8c42a3e1d28aa3)\u003c/li\u003e\n\u003cli\u003eSimplify installed-binaries collection in manifest metadata (55143941eebbc8dac12c79b77c1f65a8b61dfbef)\u003c/li\u003e\n\u003cli\u003eFlatten control flow in ConfigurationChief (010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5)\u003c/li\u003e\n\u003cli\u003eInline trivial installed-binaries and types-included accessors (b5afb9f29e3474eee4bf276c1de83cb0682a5663)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/a3169ec99b4708d7199ed9c38682a7f5f0639b1c\"\u003e\u003ccode\u003ea3169ec\u003c/code\u003e\u003c/a\u003e Release knip@6.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/370ef4cefec6540ee7d58249cc402f479ec76405\"\u003e\u003ccode\u003e370ef4c\u003c/code\u003e\u003c/a\u003e Resolve SvelteKit ./$types in monorepos (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1778\"\u003e#1778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/e9a5a64f6d551ceef0bb6667e2c2582b94a77c4f\"\u003e\u003ccode\u003ee9a5a64\u003c/code\u003e\u003c/a\u003e Release knip@6.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/8a37f8c25b03cd4e55bd18ba822906be35fcd97b\"\u003e\u003ccode\u003e8a37f8c\u003c/code\u003e\u003c/a\u003e Add Catalyst plugin to credit bare \u003ca href=\"https://github.com/controller\"\u003e\u003ccode\u003e@​controller\u003c/code\u003e\u003c/a\u003e custom elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/152d73052f87f29b348abbab90e117cfb97dd69b\"\u003e\u003ccode\u003e152d730\u003c/code\u003e\u003c/a\u003e Improve Stencil plugin: credit \u003ca href=\"https://github.com/Component\"\u003e\u003ccode\u003e@​Component\u003c/code\u003e\u003c/a\u003e and recognize test files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/d7cbe12bd904f65b20016bdd2dfd4a5d7c5c1524\"\u003e\u003ccode\u003ed7cbe12\u003c/code\u003e\u003c/a\u003e Credit custom elements via aliases, scoped registries, and static blocks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/d14eb053331daaaeaec89c3c8e04cfeeba7580af\"\u003e\u003ccode\u003ed14eb05\u003c/code\u003e\u003c/a\u003e Fix backtick string literals in require() and plugin-name config arrays (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/f1adc7fbd68fc52a89a4d2a4d6b17d905d051de7\"\u003e\u003ccode\u003ef1adc7f\u003c/code\u003e\u003c/a\u003e Fix crash on backtick string literals in plugin config (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1776\"\u003e#1776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/94632cddd15f75eadd204cb480b3df6c1f2a842d\"\u003e\u003ccode\u003e94632cd\u003c/code\u003e\u003c/a\u003e Scope static custom-element define detection to the FAST plugin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/ba6865de03785eb49b2adf833f7f769eece78d49\"\u003e\u003ccode\u003eba6865d\u003c/code\u003e\u003c/a\u003e Simplify boolean check in parseArgs adapter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpro-nl/knip/commits/knip@6.16.1/packages/knip\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prettier` from 3.8.3 to 3.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/releases\"\u003eprettier's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003eprettier/prettier#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🔗 \u003ca href=\"https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/blob/main/CHANGELOG.md\"\u003eprettier's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.8.4\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ediff\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003e#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/h4\u003e\n\u003cp\u003ePrettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre lang=\"markdown\"\u003e\u003ccode\u003e\u0026lt;!-- Input --\u0026gt;\n- a\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eb\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.3 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ea\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ec\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.4 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ea\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468\"\u003e\u003ccode\u003e1c6ba55\u003c/code\u003e\u003c/a\u003e Release 3.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8\"\u003e\u003ccode\u003e4a673dc\u003c/code\u003e\u003c/a\u003e Fix blank lines between list items and nested sub-lists being removed in Mark...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866\"\u003e\u003ccode\u003e074aaed\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003emain\u003c/code\u003e branch in changelog link with tags (\u003ca href=\"https://redirect.github.com/prettier/prettier/issues/19054\"\u003e#19054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9\"\u003e\u003ccode\u003ec22a003\u003c/code\u003e\u003c/a\u003e Bump Prettier dependency to 3.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0\"\u003e\u003ccode\u003e07bad1f\u003c/code\u003e\u003c/a\u003e Clean changelog_unreleased\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tsx` from 4.21.0 to 4.22.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/privatenumber/tsx/releases\"\u003etsx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003e4.22.4\u003c/a\u003e (2026-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e1ce8463\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.4\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.2...v4.22.3\"\u003e4.22.3\u003c/a\u003e (2026-05-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode typed loader source (\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003edce02fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve entrypoint with TypeScript preload hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e68f72f3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.3\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.1...v4.22.2\"\u003e4.22.2\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve CJS JSON require in ESM hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e35b700b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve named exports from CommonJS TypeScript (\u003ca href=\"https://github.com/privatenumber/tsx/commit/11de737dae1fb9dae28db3716df5b1a7e1a6a089\"\u003e11de737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport module.exports require(esm) interop (\u003ca href=\"https://github.com/privatenumber/tsx/commit/cf8f19918e4e0a0dc5ee5c52d8cc15e5e22d7c49\"\u003ecf8f199\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.2\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.0...v4.22.1\"\u003e4.22.1\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve tsconfig path aliases containing a colon (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/6979f28810829dc79ec9baf406e162a18b65ab4b\"\u003e6979f28\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.1\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e\u003ccode\u003e1ce8463\u003c/code\u003e\u003c/a\u003e fix: resolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003e\u003ccode\u003edce02fc\u003c/code\u003e\u003c/a\u003e fix: decode typed loader source\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e\u003ccode\u003e68f72f3\u003c/code\u003e\u003c/a\u003e fix: preserve entrypoint with TypeScript preload hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/69455cfefbfe71100a3c58d3ce7cea42445d9113\"\u003e\u003ccode\u003e69455cf\u003c/code\u003e\u003c/a\u003e test: cover package exports for ambiguous ESM reexports\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e\u003ccode\u003e35b700b\u003c/code\u003e\u003c/a\u003e fix: preserve CJS JSON require in ESM hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/ef807dba6832260fb4cafd78d81f5469a733966b\"\u003e\u003ccode\u003eef807db\u003c/code\u003e\u003c/a\u003e chore: update testing dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/3917090d4f61863ea6ea16e4a9a3722a112cc3f7\"\u003e\u003ccode\u003e3917090\u003c/code\u003e\u003c/a\u003e test: document compatibility test taxonomy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/de8113ffa8edbcd4e05fa218324c3e8c2a4afdbe\"\u003e\u003ccode\u003ede8113f\u003c/code\u003e\u003c/a\u003e refactor: centralize Node capability facts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/c1f62db45ada60b24ceb3dfdf7f64173d9a15396\"\u003e\u003ccode\u003ec1f62db\u003c/code\u003e\u003c/a\u003e test: consolidate tsconfig path edge coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/4e08174ec10276ac71c9a69eb28426ad702d0c76\"\u003e\u003ccode\u003e4e08174\u003c/code\u003e\u003c/a\u003e test: consolidate loader hook coverage\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.21.0...v4.22.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for tsx since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.58.2 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.1\u003c/h2\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e respect ECMAScript line terminators in ts-comment rules (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352\"\u003e#12352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-shadow] correct rule to match ESLint v10 handling (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182\"\u003e#12182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003cli\u003eNevette Bailey \u003ca href=\"https://github.com/nevette-bailey\"\u003e\u003ccode\u003e@​nevette-bailey\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.0\u003c/h2\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-tester:\u003c/strong\u003e added updates of RuleTester from upstream (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12291\"\u003e#12291\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplayground TS version selector is not working (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12326\"\u003e#12326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12325\"\u003e#12325\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.3 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.3\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.2 (2026-05-04)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68\"\u003e\u003ccode\u003e4f84a69\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964\"\u003e\u003ccode\u003e1849b53\u003c/code\u003e\u003c/a\u003e chore: typecheck using tsgo (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139\"\u003e#12139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/f891c29de5f3e23f3d8c59cc599d3196e54e9b58\"\u003e\u003ccode\u003ef891c29\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ca6ca1431b6d18235297a7e29feb5d98f012dff2\"\u003e\u003ccode\u003eca6ca14\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4b927c607755b2648d5854b9e928c1dbb2b8e088\"\u003e\u003ccode\u003e4b927c6\u003c/code\u003e\u003c/a\u003e fix(typescript-eslint): export Compatible* types from typescript-eslint to re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/48e13c0261e3cb1bf4f4dfaa462cdb3a56ef7383\"\u003e\u003ccode\u003e48e13c0\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/44f9625336841a8ee3eb01a9e02e49b1d7b12648\"\u003e\u003ccode\u003e44f9625\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4.1.5 (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12307\"\u003e#12307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333\"\u003e\u003ccode\u003e2ec35f1\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d\"\u003e\u003ccode\u003e5245793\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase thi...\n\n_Description has been truncated_","html_url":"https://github.com/pixel-agents-hq/pixel-agents/pull/308","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pixel-agents-hq%2Fpixel-agents/issues/308","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/308/packages"}},{"old_version":"8.1.0","new_version":"9.1.1","update_type":"major","path":null,"pr_created_at":"2026-06-09T17:11:58.000Z","version_change":"8.1.0 → 9.1.1","issue":{"uuid":"4624033564","node_id":"PR_kwDORpA4s87keuYc","number":6,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 14 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T02:16:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T17:11:58.000Z","updated_at":"2026-06-14T02:16:29.000Z","time_to_close":378269,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"@opentelemetry/sdk-node","old_version":"0.206.0","new_version":"0.217.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"rollup","old_version":"4.22.5","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"samlify","old_version":"2.10.0","new_version":"2.13.0","repository_url":"https://github.com/tngan/samlify"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"yaml","old_version":"2.4.1","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"webpack","old_version":"5.101.3","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"ajv","old_version":"8.12.0","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"mailparser","old_version":"3.7.5","new_version":"3.9.3","repository_url":"https://github.com/nodemailer/mailparser"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [rollup](https://github.com/rollup/rollup) | `4.22.5` | `4.59.0` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [yaml](https://github.com/eemeli/yaml) | `2.4.1` | `2.8.3` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.101.3` | `5.104.1` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.18.0` |\n| [mailparser](https://github.com/nodemailer/mailparser) | `3.7.5` | `3.9.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/ai directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/claude directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/firecrawl directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/gmail directory: [nodemailer](https://github.com/nodemailer/nodemailer) and [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/google-sheets directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/imap directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/zoho-mail directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/smtp directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 7 updates in the /packages/server/api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/server/worker directory: [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js).\nBumps the npm_and_yarn group with 1 update in the /packages/web directory: [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@opentelemetry/sdk-node` from 0.206.0 to 0.217.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/releases\"\u003e@​opentelemetry/sdk-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eexperimental/v0.217.0\u003c/h2\u003e\n\u003ch2\u003e0.217.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(otlp-transformer): replace protobufjs trace serialization with custom implementation \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6625\"\u003e#6625\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using \u003ccode\u003ejson-schema-to-typescript\u003c/code\u003e and \u003ccode\u003eajv\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6533\"\u003e#6533\u003c/a\u003e \u003ca href=\"https://github.com/MikeGoldsmith\"\u003e\u003ccode\u003e@​MikeGoldsmith\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration, sdk-node): \u003ccode\u003estartNodeSDK()\u003c/code\u003e code path now uses \u003ccode\u003elog_level\u003c/code\u003e configuration to setup a DiagConsoleLogger \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6668\"\u003e#6668\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eNote that allowed values for \u003ccode\u003elog_level\u003c/code\u003e in a configuration YAML file are \u003cem\u003enot\u003c/em\u003e the same set as for \u003ccode\u003eOTEL_LOG_LEVEL\u003c/code\u003e. Use \u003ccode\u003elog_level: trace\u003c/code\u003e to see \u003cem\u003eall\u003c/em\u003e logs (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=ALL\u003c/code\u003e). Use \u003ccode\u003elog_level: fatal\u003c/code\u003e to effectively disable the SDK's internal diagnostic logger (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=NONE\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003elog_level\u003c/code\u003e is not specified, a diagnostic console logger at \u0026quot;info\u0026quot; level will be setup.\u003c/li\u003e\n\u003cli\u003eAn invalid YAML config file will now result in a noop OTel SDK.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(configuration): do not validate \u003ccode\u003eOTEL_CONFIG_FILE\u003c/code\u003e value before using it for file config \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6643\"\u003e#6643\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6650\"\u003e#6650\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6657\"\u003e#6657\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve handling of enums in generated types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6659\"\u003e#6659\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve the technique for removing '| null' on types the JSON Schema \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6662\"\u003e#6662\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sampler-jaeger-remote): add missing axios dep \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6656\"\u003e#6656\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6674\"\u003e#6674\u003c/a\u003e \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.216.0\u003c/h2\u003e\n\u003ch2\u003e0.216.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6427\"\u003e#6427\u003c/a\u003e \u003ca href=\"https://github.com/ravitheja4531-cell\"\u003e\u003ccode\u003e@​ravitheja4531-cell\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(sdk-node): set TracerProvider in startNodeSDK() \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6607\"\u003e#6607\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(instrumentation-xml-http-request): avoid unwrapping \u003ccode\u003eXMLHttpRequest\u003c/code\u003e API when disabling \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6611\"\u003e#6611\u003c/a\u003e \u003ca href=\"https://github.com/david-luna\"\u003e\u003ccode\u003e@​david-luna\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-fetch): tolerate non-writable \u003ccode\u003eglobalThis.fetch\u003c/code\u003e and fix premature \u003ccode\u003e_isEnabled\u003c/code\u003e / \u003ccode\u003e_isFetchPatched\u003c/code\u003e flips in \u003ccode\u003eenable()\u003c/code\u003e \u003ca href=\"https://github.com/brunorodmoreira\"\u003e\u003ccode\u003e@​brunorodmoreira\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-xhr): resolve relative URLs before matching \u003ccode\u003eignoreUrls\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6551\"\u003e#6551\u003c/a\u003e \u003ca href=\"https://github.com/Maximiliano-Zeballos\"\u003e\u003ccode\u003e@​Maximiliano-Zeballos\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sdk-node): fix setting of ViewOption#name from ConfigurationModel \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6620\"\u003e#6620\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(web-common): add limit for timeout \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6601\"\u003e#6601\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6646\"\u003e#6646\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:house: Internal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest(otlp-transformer): add metrics transform benchmark \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6628\"\u003e#6628\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6636\"\u003e#6636\u003c/a\u003e \u003ca href=\"https://github.com/cjihrig\"\u003e\u003ccode\u003e@​cjihrig\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.215.0\u003c/h2\u003e\n\u003ch2\u003e0.215.0\u003c/h2\u003e\n\u003ch3\u003e:boom: Breaking Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/74cde1b674508ccc0ed2601ac43a80ff2d35114c\"\u003e\u003ccode\u003e74cde1b\u003c/code\u003e\u003c/a\u003e chore: prepare next release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6675\"\u003e#6675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/e8f439adcbec23261d26fcc205f4d2a6d74f16c7\"\u003e\u003ccode\u003ee8f439a\u003c/code\u003e\u003c/a\u003e fix: handle malformed URLs in Prometheus exporter request handler (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6674\"\u003e#6674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ab3a2e280e589a43d705278be5e8c8308b1b4081\"\u003e\u003ccode\u003eab3a2e2\u003c/code\u003e\u003c/a\u003e feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/d5b7d1e5c6cd3c9547137d0cc6a5185b7b5a8155\"\u003e\u003ccode\u003ed5b7d1e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency axios to v1.15.2 [security] (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6670\"\u003e#6670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/c16361877b77828d324733a4c8bed6d2ed10c884\"\u003e\u003ccode\u003ec163618\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to e46ed2c (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6661\"\u003e#6661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ec2bfbe0b2afb9d29725140b2d0350e47e23250d\"\u003e\u003ccode\u003eec2bfbe\u003c/code\u003e\u003c/a\u003e chore(configuration): move config generation scripts into the configuration p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/acc9ecd99591c054e9f3b9d9e36cbd4333bb1411\"\u003e\u003ccode\u003eacc9ecd\u003c/code\u003e\u003c/a\u003e chore(configuration): cosmetic changes to generated types.ts (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6663\"\u003e#6663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/8f008ece4ee20ad7ef55f673c208010ddb59f751\"\u003e\u003ccode\u003e8f008ec\u003c/code\u003e\u003c/a\u003e chore: Move inactive members to emeritus (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6649\"\u003e#6649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/435431e4705fd1fb45eec009a3f831b91e6673cd\"\u003e\u003ccode\u003e435431e\u003c/code\u003e\u003c/a\u003e fix(configuration): improve the technique for removing '| null' on types due ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/42220244e99c5ace5c2ac7365d232d3b9d1038b2\"\u003e\u003ccode\u003e4222024\u003c/code\u003e\u003c/a\u003e fix(configuration): improve handling of enums in generated types (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6659\"\u003e#6659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/compare/experimental/v0.206.0...experimental/v0.217.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 7.0.11 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.22.5 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.57.1\u003c/h2\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6252\"\u003e#6252\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6253\"\u003e#6253\u003c/a\u003e: chore(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6254\"\u003e#6254\u003c/a\u003e: Fully include dynamic imports in a try-catch (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476\"\u003e\u003ccode\u003eae84695\u003c/code\u003e\u003c/a\u003e 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93\"\u003e\u003ccode\u003eb39616e\u003c/code\u003e\u003c/a\u003e Update audit-resolve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\"\u003e\u003ccode\u003ec60770d\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6275\"\u003e#6275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662\"\u003e\u003ccode\u003e33f39c1\u003c/code\u003e\u003c/a\u003e 4.58.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca\"\u003e\u003ccode\u003eb61c408\u003c/code\u003e\u003c/a\u003e forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6\"\u003e\u003ccode\u003e7f00689\u003c/code\u003e\u003c/a\u003e Extend agent instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4\"\u003e\u003ccode\u003ee7b2b85\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6270\"\u003e#6270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970\"\u003e\u003ccode\u003e2aa5da9\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6267\"\u003e#6267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec\"\u003e\u003ccode\u003e4319837\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6269\"\u003e#6269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233\"\u003e\u003ccode\u003ec3b6b4b\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6268\"\u003e#6268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.22.5...v4.59.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `samlify` from 2.10.0 to 2.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tngan/samlify/releases\"\u003esamlify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.11 to 0.8.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/603\"\u003etngan/samlify#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/605\"\u003etngan/samlify#605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/606\"\u003etngan/samlify#606\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject promises with Error instances, not raw strings (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/581\"\u003e#581\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/607\"\u003etngan/samlify#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support simpleSign binding for logout request/response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/584\"\u003e#584\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/608\"\u003etngan/samlify#608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: correct the parseResult example in saml-response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/518\"\u003e#518\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/609\"\u003etngan/samlify#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify that wantMessageSigned and signatureConfig are SP options (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/516\"\u003e#516\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/610\"\u003etngan/samlify#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRFC-0001: introduce .skills/ and mandatory SAML 2.0 spec citation workflow by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/611\"\u003etngan/samlify#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request relayState for login + logout (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/163\"\u003e#163\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/612\"\u003etngan/samlify#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: 2026-04 audit — patch vite, fix XXE bypass, reject unknown sig algs by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/613\"\u003etngan/samlify#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: omit AuthnRequest attributes whose value is null/undefined (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/455\"\u003e#455\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/614\"\u003etngan/samlify#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pass SessionIndex through createLogoutRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/615\"\u003etngan/samlify#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: throw a clear error when redirect binding has no SSO/SLO endpoint (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/308\"\u003e#308\u003c/a\u003e \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/405\"\u003e#405\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/617\"\u003etngan/samlify#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLAG (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/453\"\u003e#453\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/616\"\u003etngan/samlify#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/454\"\u003e#454\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/619\"\u003etngan/samlify#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/618\"\u003etngan/samlify#618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/620\"\u003etngan/samlify#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/621\"\u003etngan/samlify#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/622\"\u003etngan/samlify#622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/625\"\u003etngan/sa...\n\n_Description has been truncated_","html_url":"https://github.com/jeremiah9980/activepieces/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremiah9980%2Factivepieces/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"9.0.0","new_version":"9.1.3","update_type":"minor","path":null,"pr_created_at":"2026-06-08T05:32:17.000Z","version_change":"9.0.0 → 9.1.3","issue":{"uuid":"4610267987","node_id":"PR_kwDOSO8knc7jxFDo","number":21,"state":"open","title":"chore(deps): bump the npm-minor group across 1 directory with 50 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-08T05:32:17.000Z","updated_at":"2026-06-08T05:32:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm-minor","update_count":50,"packages":[{"name":"@aws-sdk/client-s3","old_version":"3.975.0","new_version":"3.1063.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/lib-storage","old_version":"3.975.0","new_version":"3.1063.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.975.0","new_version":"3.1063.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@azure/storage-blob","old_version":"12.26.0","new_version":"12.32.0","repository_url":"https://github.com/Azure/azure-sdk-for-js"},{"name":"@databricks/sql","old_version":"1.12.0","new_version":"1.15.0","repository_url":"https://github.com/databricks/databricks-sql-nodejs"},{"name":"@fastify/static","old_version":"9.0.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@langchain/anthropic","old_version":"1.3.15","new_version":"1.4.0","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@langchain/langgraph","old_version":"1.1.4","new_version":"1.3.6","repository_url":"https://github.com/langchain-ai/langgraphjs"},{"name":"@langchain/openai","old_version":"1.2.5","new_version":"1.4.7","repository_url":"https://github.com/langchain-ai/langchainjs"},{"name":"@modelcontextprotocol/sdk","old_version":"1.26.0","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"@nestjs/common","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@nestjs/config","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/nestjs/config"},{"name":"@nestjs/core","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@nestjs/event-emitter","old_version":"3.0.1","new_version":"3.1.0","repository_url":"https://github.com/nestjs/event-emitter"},{"name":"@nestjs/platform-fastify","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@nestjs/schedule","old_version":"6.1.0","new_version":"6.1.3","repository_url":"https://github.com/nestjs/schedule"},{"name":"@nestjs/swagger","old_version":"11.2.5","new_version":"11.4.4","repository_url":"https://github.com/nestjs/swagger"},{"name":"@nestjs/terminus","old_version":"11.0.0","new_version":"11.1.1","repository_url":"https://github.com/nestjs/terminus"},{"name":"@opentelemetry/api","old_version":"1.9.0","new_version":"1.9.1","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/auto-instrumentations-node","old_version":"0.68.0","new_version":"0.76.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js-contrib"},{"name":"@opentelemetry/exporter-metrics-otlp-http","old_version":"0.210.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/exporter-trace-otlp-http","old_version":"0.210.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/sdk-node","old_version":"0.210.0","new_version":"0.218.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"@opentelemetry/semantic-conventions","old_version":"1.39.0","new_version":"1.41.1","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"class-validator","old_version":"0.14.3","new_version":"0.15.1","repository_url":"https://github.com/typestack/class-validator"},{"name":"js-yaml","old_version":"4.1.1","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mssql","old_version":"12.2.0","new_version":"12.5.5","repository_url":"https://github.com/tediousjs/node-mssql"},{"name":"@types/mssql","old_version":"9.1.9","new_version":"12.3.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"mysql2","old_version":"3.16.3","new_version":"3.22.5","repository_url":"https://github.com/sidorares/node-mysql2"},{"name":"n3","old_version":"2.0.1","new_version":"2.0.3","repository_url":"https://github.com/rdfjs/N3.js"},{"name":"neo4j-driver","old_version":"6.0.1","new_version":"6.1.0","repository_url":"https://github.com/neo4j/neo4j-javascript-driver"},{"name":"pg","old_version":"8.18.0","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"@types/pg","old_version":"8.15.6","new_version":"8.20.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"snowflake-sdk","old_version":"2.3.3","new_version":"2.4.3","repository_url":"https://github.com/snowflakedb/snowflake-connector-nodejs"},{"name":"@nestjs/cli","old_version":"11.0.16","new_version":"11.0.21","repository_url":"https://github.com/nestjs/nest-cli"},{"name":"@nestjs/schematics","old_version":"11.0.9","new_version":"11.1.0","repository_url":"https://github.com/nestjs/schematics"},{"name":"@nestjs/testing","old_version":"11.1.12","new_version":"11.1.24","repository_url":"https://github.com/nestjs/nest"},{"name":"@swc/cli","old_version":"0.7.10","new_version":"0.8.1","repository_url":"https://github.com/swc-project/pkgs"},{"name":"@swc/core","old_version":"1.15.11","new_version":"1.15.40","repository_url":"https://github.com/swc-project/swc"},{"name":"ts-jest","old_version":"29.4.6","new_version":"29.4.11","repository_url":"https://github.com/kulshekhar/ts-jest"},{"name":"@codemirror/lang-yaml","old_version":"6.1.2","new_version":"6.1.3","repository_url":"https://github.com/codemirror/lang-yaml"},{"name":"@uiw/react-codemirror","old_version":"4.25.4","new_version":"4.25.10","repository_url":"https://github.com/uiwjs/react-codemirror"},{"name":"@vitest/coverage-v8","old_version":"4.0.17","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"msw","old_version":"2.12.7","new_version":"2.14.6","repository_url":"https://github.com/mswjs/msw"},{"name":"validator","old_version":"13.15.26","new_version":"13.15.35","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"memfs","old_version":"4.56.10","new_version":"4.57.6","repository_url":"https://github.com/streamich/memfs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-minor group with 46 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.975.0` | `3.1063.0` |\n| [@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage) | `3.975.0` | `3.1063.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.975.0` | `3.1063.0` |\n| [@azure/storage-blob](https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob) | `12.26.0` | `12.32.0` |\n| [@databricks/sql](https://github.com/databricks/databricks-sql-nodejs) | `1.12.0` | `1.15.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.0.0` | `9.1.3` |\n| [@langchain/anthropic](https://github.com/langchain-ai/langchainjs) | `1.3.15` | `1.4.0` |\n| [@langchain/langgraph](https://github.com/langchain-ai/langgraphjs/tree/HEAD/libs/langgraph-core) | `1.1.4` | `1.3.6` |\n| [@langchain/openai](https://github.com/langchain-ai/langchainjs) | `1.2.5` | `1.4.7` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.26.0` | `1.29.0` |\n| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `11.1.12` | `11.1.24` |\n| [@nestjs/config](https://github.com/nestjs/config) | `4.0.2` | `4.0.4` |\n| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.1.12` | `11.1.24` |\n| [@nestjs/event-emitter](https://github.com/nestjs/event-emitter) | `3.0.1` | `3.1.0` |\n| [@nestjs/platform-fastify](https://github.com/nestjs/nest/tree/HEAD/packages/platform-fastify) | `11.1.12` | `11.1.24` |\n| [@nestjs/schedule](https://github.com/nestjs/schedule) | `6.1.0` | `6.1.3` |\n| [@nestjs/swagger](https://github.com/nestjs/swagger) | `11.2.5` | `11.4.4` |\n| [@nestjs/terminus](https://github.com/nestjs/terminus) | `11.0.0` | `11.1.1` |\n| [@opentelemetry/api](https://github.com/open-telemetry/opentelemetry-js) | `1.9.0` | `1.9.1` |\n| [@opentelemetry/auto-instrumentations-node](https://github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/auto-instrumentations-node) | `0.68.0` | `0.76.0` |\n| [@opentelemetry/exporter-metrics-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.210.0` | `0.218.0` |\n| [@opentelemetry/exporter-trace-otlp-http](https://github.com/open-telemetry/opentelemetry-js) | `0.210.0` | `0.218.0` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.210.0` | `0.218.0` |\n| [@opentelemetry/semantic-conventions](https://github.com/open-telemetry/opentelemetry-js) | `1.39.0` | `1.41.1` |\n| [class-validator](https://github.com/typestack/class-validator) | `0.14.3` | `0.15.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` |\n| [mssql](https://github.com/tediousjs/node-mssql) | `12.2.0` | `12.5.5` |\n| [@types/mssql](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mssql) | `9.1.9` | `12.3.0` |\n| [mysql2](https://github.com/sidorares/node-mysql2) | `3.16.3` | `3.22.5` |\n| [n3](https://github.com/rdfjs/N3.js) | `2.0.1` | `2.0.3` |\n| [neo4j-driver](https://github.com/neo4j/neo4j-javascript-driver) | `6.0.1` | `6.1.0` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.18.0` | `8.21.0` |\n| [@types/pg](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/pg) | `8.15.6` | `8.20.0` |\n| [snowflake-sdk](https://github.com/snowflakedb/snowflake-connector-nodejs) | `2.3.3` | `2.4.3` |\n| [@nestjs/cli](https://github.com/nestjs/nest-cli) | `11.0.16` | `11.0.21` |\n| [@nestjs/schematics](https://github.com/nestjs/schematics) | `11.0.9` | `11.1.0` |\n| [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing) | `11.1.12` | `11.1.24` |\n| [@swc/cli](https://github.com/swc-project/pkgs) | `0.7.10` | `0.8.1` |\n| [@swc/core](https://github.com/swc-project/swc/tree/HEAD/packages/core) | `1.15.11` | `1.15.40` |\n| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.6` | `29.4.11` |\n| [@codemirror/lang-yaml](https://github.com/codemirror/lang-yaml) | `6.1.2` | `6.1.3` |\n| [@uiw/react-codemirror](https://github.com/uiwjs/react-codemirror) | `4.25.4` | `4.25.10` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.17` | `4.1.8` |\n| [msw](https://github.com/mswjs/msw) | `2.12.7` | `2.14.6` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.26` | `13.15.35` |\n| [memfs](https://github.com/streamich/memfs) | `4.56.10` | `4.57.6` |\n\n\nUpdates `@aws-sdk/client-s3` from 3.975.0 to 3.1063.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1063.0\u003c/h2\u003e\n\u003ch4\u003e3.1063.0(2026-06-05)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003eupdate author URL in package.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8080\"\u003e#8080\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e9bd1a86b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecrt-loader:\u003c/strong\u003e  update to latest aws-crt (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8079\"\u003e#8079\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8c2bdabd5826c8914eb1904880eade3c81ca6be4\"\u003e8c2bdabd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-06-05 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fe9a398fbfb3d324e4b67c7677fc63f62933f283\"\u003efe9a398f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/394304420ef42ed5c8918990273788bfd69d5f5a\"\u003e39430442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-serverless:\u003c/strong\u003e  Adds support for updating max capacity and custom fields while application is started (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6c9cce08f51a2b91ca5c7fc9dca2bfd293980546\"\u003e6c9cce08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-dynamodb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/416005d46847152ba1a24e4ce3297f47469f685c\"\u003e416005d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mediaconvert:\u003c/strong\u003e  Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/40eb4c6b527bb508bc7bdb2402528cff5ed49198\"\u003e40eb4c6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-payment-cryptography:\u003c/strong\u003e  Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c32019a8ffa7be444993d1ee8288d2c43c8a3f89\"\u003ec32019a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Adds support for Knowledge Base APIs and Index Capacity API (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8205152f535d2a38e0f0ea5e2d516ab8b484650d\"\u003e8205152f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/httpAuthSchemes:\u003c/strong\u003e  fix concurrent skew correction (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8078\"\u003e#8078\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/83e48928b9f31c78c6c10adc2127d663837ddd2a\"\u003e83e48928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emiddleware-endpoint-discovery:\u003c/strong\u003e  remove integration tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8077\"\u003e#8077\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/02363831ab1c4cae1b254efe92ab49fa71f20700\"\u003e02363831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  add client error deserialization tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8075\"\u003e#8075\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0dfa4ad150e0283cf787cd231600aeb7d75695f0\"\u003e0dfa4ad1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1063.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1062.0\u003c/h2\u003e\n\u003ch4\u003e3.1062.0(2026-06-04)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003escripts:\u003c/strong\u003e  include generated packages when validating declared imports 1-1 with used imports (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072\"\u003e#8072\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e291ad366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Remove unsupported RDS field for filter (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a\"\u003e5815da7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-interconnect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019\"\u003e34e23ef2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2-instance-connect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510\"\u003ec2a4981e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mq:\u003c/strong\u003e  BDD bulk update change rollout (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2\"\u003ee058b8fd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-workspaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c\"\u003e6b1e3602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connectparticipant:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426\"\u003e22db2a6a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1062.0...v3.1063.0\"\u003e3.1063.0\u003c/a\u003e (2026-06-05)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0\"\u003e3.1062.0\u003c/a\u003e (2026-06-04)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0\"\u003e3.1061.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0\"\u003e3.1060.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0\"\u003e3.1059.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0\"\u003e3.1058.0\u003c/a\u003e (2026-06-01)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0\"\u003e3.1057.0\u003c/a\u003e (2026-05-29)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/85dabf4ef0c81d9db5405c483b3bfbd2126075d4\"\u003e\u003ccode\u003e85dabf4\u003c/code\u003e\u003c/a\u003e Publish v3.1063.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e\u003ccode\u003e9bd1a86\u003c/code\u003e\u003c/a\u003e chore: update author URL in package.json (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8080\"\u003e#8080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c\"\u003e\u003ccode\u003ef5235bb\u003c/code\u003e\u003c/a\u003e Publish v3.1062.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e\u003ccode\u003e291ad36\u003c/code\u003e\u003c/a\u003e chore(scripts): include generated packages when validating declared imports 1...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7\"\u003e\u003ccode\u003e71df2cc\u003c/code\u003e\u003c/a\u003e Publish v3.1061.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/121609400451d15166872f5dc2a2d8fe75c7d7f6\"\u003e\u003ccode\u003e1216094\u003c/code\u003e\u003c/a\u003e chore(middleware-sdk-s3): consolidate S3 internal packages (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8026\"\u003e#8026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183\"\u003e\u003ccode\u003e8aeb92d\u003c/code\u003e\u003c/a\u003e Publish v3.1060.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b\"\u003e\u003ccode\u003e75bb4fc\u003c/code\u003e\u003c/a\u003e Publish v3.1059.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45\"\u003e\u003ccode\u003e6b082a6\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6\"\u003e\u003ccode\u003ed7602d4\u003c/code\u003e\u003c/a\u003e Publish v3.1058.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/lib-storage` from 3.975.0 to 3.1063.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/lib-storage's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1063.0\u003c/h2\u003e\n\u003ch4\u003e3.1063.0(2026-06-05)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003eupdate author URL in package.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8080\"\u003e#8080\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e9bd1a86b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecrt-loader:\u003c/strong\u003e  update to latest aws-crt (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8079\"\u003e#8079\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8c2bdabd5826c8914eb1904880eade3c81ca6be4\"\u003e8c2bdabd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-06-05 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fe9a398fbfb3d324e4b67c7677fc63f62933f283\"\u003efe9a398f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/394304420ef42ed5c8918990273788bfd69d5f5a\"\u003e39430442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-serverless:\u003c/strong\u003e  Adds support for updating max capacity and custom fields while application is started (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6c9cce08f51a2b91ca5c7fc9dca2bfd293980546\"\u003e6c9cce08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-dynamodb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/416005d46847152ba1a24e4ce3297f47469f685c\"\u003e416005d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mediaconvert:\u003c/strong\u003e  Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/40eb4c6b527bb508bc7bdb2402528cff5ed49198\"\u003e40eb4c6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-payment-cryptography:\u003c/strong\u003e  Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c32019a8ffa7be444993d1ee8288d2c43c8a3f89\"\u003ec32019a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Adds support for Knowledge Base APIs and Index Capacity API (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8205152f535d2a38e0f0ea5e2d516ab8b484650d\"\u003e8205152f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/httpAuthSchemes:\u003c/strong\u003e  fix concurrent skew correction (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8078\"\u003e#8078\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/83e48928b9f31c78c6c10adc2127d663837ddd2a\"\u003e83e48928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emiddleware-endpoint-discovery:\u003c/strong\u003e  remove integration tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8077\"\u003e#8077\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/02363831ab1c4cae1b254efe92ab49fa71f20700\"\u003e02363831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  add client error deserialization tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8075\"\u003e#8075\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0dfa4ad150e0283cf787cd231600aeb7d75695f0\"\u003e0dfa4ad1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1063.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1062.0\u003c/h2\u003e\n\u003ch4\u003e3.1062.0(2026-06-04)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003escripts:\u003c/strong\u003e  include generated packages when validating declared imports 1-1 with used imports (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072\"\u003e#8072\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e291ad366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Remove unsupported RDS field for filter (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a\"\u003e5815da7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-interconnect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019\"\u003e34e23ef2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2-instance-connect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510\"\u003ec2a4981e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mq:\u003c/strong\u003e  BDD bulk update change rollout (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2\"\u003ee058b8fd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-workspaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c\"\u003e6b1e3602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connectparticipant:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426\"\u003e22db2a6a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md\"\u003e@​aws-sdk/lib-storage's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1062.0...v3.1063.0\"\u003e3.1063.0\u003c/a\u003e (2026-06-05)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0\"\u003e3.1062.0\u003c/a\u003e (2026-06-04)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0\"\u003e3.1061.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0\"\u003e3.1060.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0\"\u003e3.1059.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0\"\u003e3.1058.0\u003c/a\u003e (2026-06-01)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/lib-storage\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0\"\u003e3.1057.0\u003c/a\u003e (2026-05-29)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/85dabf4ef0c81d9db5405c483b3bfbd2126075d4\"\u003e\u003ccode\u003e85dabf4\u003c/code\u003e\u003c/a\u003e Publish v3.1063.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e\u003ccode\u003e9bd1a86\u003c/code\u003e\u003c/a\u003e chore: update author URL in package.json (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage/issues/8080\"\u003e#8080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c\"\u003e\u003ccode\u003ef5235bb\u003c/code\u003e\u003c/a\u003e Publish v3.1062.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7\"\u003e\u003ccode\u003e71df2cc\u003c/code\u003e\u003c/a\u003e Publish v3.1061.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183\"\u003e\u003ccode\u003e8aeb92d\u003c/code\u003e\u003c/a\u003e Publish v3.1060.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b\"\u003e\u003ccode\u003e75bb4fc\u003c/code\u003e\u003c/a\u003e Publish v3.1059.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45\"\u003e\u003ccode\u003e6b082a6\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6\"\u003e\u003ccode\u003ed7602d4\u003c/code\u003e\u003c/a\u003e Publish v3.1058.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e836d5c0437f234ca692615924cf7f88cf2748c6\"\u003e\u003ccode\u003ee836d5c\u003c/code\u003e\u003c/a\u003e Publish v3.1057.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4b035429227c5be4093e5b3898a4eb5dc70824b0\"\u003e\u003ccode\u003e4b03542\u003c/code\u003e\u003c/a\u003e Publish v3.1056.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/lib/lib-storage\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/s3-request-presigner` from 3.975.0 to 3.1063.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/s3-request-presigner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1063.0\u003c/h2\u003e\n\u003ch4\u003e3.1063.0(2026-06-05)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003eupdate author URL in package.json (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8080\"\u003e#8080\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e9bd1a86b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecrt-loader:\u003c/strong\u003e  update to latest aws-crt (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8079\"\u003e#8079\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8c2bdabd5826c8914eb1904880eade3c81ca6be4\"\u003e8c2bdabd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-06-05 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fe9a398fbfb3d324e4b67c7677fc63f62933f283\"\u003efe9a398f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/394304420ef42ed5c8918990273788bfd69d5f5a\"\u003e39430442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-serverless:\u003c/strong\u003e  Adds support for updating max capacity and custom fields while application is started (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6c9cce08f51a2b91ca5c7fc9dca2bfd293980546\"\u003e6c9cce08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-dynamodb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/416005d46847152ba1a24e4ce3297f47469f685c\"\u003e416005d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mediaconvert:\u003c/strong\u003e  Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/40eb4c6b527bb508bc7bdb2402528cff5ed49198\"\u003e40eb4c6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-payment-cryptography:\u003c/strong\u003e  Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c32019a8ffa7be444993d1ee8288d2c43c8a3f89\"\u003ec32019a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Adds support for Knowledge Base APIs and Index Capacity API (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8205152f535d2a38e0f0ea5e2d516ab8b484650d\"\u003e8205152f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/httpAuthSchemes:\u003c/strong\u003e  fix concurrent skew correction (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8078\"\u003e#8078\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/83e48928b9f31c78c6c10adc2127d663837ddd2a\"\u003e83e48928\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emiddleware-endpoint-discovery:\u003c/strong\u003e  remove integration tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8077\"\u003e#8077\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/02363831ab1c4cae1b254efe92ab49fa71f20700\"\u003e02363831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  add client error deserialization tests (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8075\"\u003e#8075\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0dfa4ad150e0283cf787cd231600aeb7d75695f0\"\u003e0dfa4ad1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1063.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1062.0\u003c/h2\u003e\n\u003ch4\u003e3.1062.0(2026-06-04)\u003c/h4\u003e\n\u003ch5\u003eChores\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003escripts:\u003c/strong\u003e  include generated packages when validating declared imports 1-1 with used imports (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072\"\u003e#8072\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa\"\u003e291ad366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Remove unsupported RDS field for filter (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a\"\u003e5815da7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-interconnect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019\"\u003e34e23ef2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2-instance-connect:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510\"\u003ec2a4981e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-mq:\u003c/strong\u003e  BDD bulk update change rollout (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2\"\u003ee058b8fd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-workspaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c\"\u003e6b1e3602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connectparticipant:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426\"\u003e22db2a6a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/packages/s3-request-presigner/CHANGELOG.md\"\u003e@​aws-sdk/s3-request-presigner's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1062.0...v3.1063.0\"\u003e3.1063.0\u003c/a\u003e (2026-06-05)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0\"\u003e3.1062.0\u003c/a\u003e (2026-06-04)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0\"\u003e3.1061.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0\"\u003e3.1060.0\u003c/a\u003e (2026-06-03)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0\"\u003e3.1059.0\u003c/a\u003e (2026-06-02)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0\"\u003e3.1058.0\u003c/a\u003e (2026-06-01)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/s3-request-presigner\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0\"\u003e3.1057.0\u003c/a\u003e (2026-05-29)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/85dabf4ef0c81d9db5405c483b3bfbd2126075d4\"\u003e\u003ccode\u003e85dabf4\u003c/code\u003e\u003c/a\u003e Publish v3.1063.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9bd1a86b9bec0f69c58dcfdda481c9e1797dd73f\"\u003e\u003ccode\u003e9bd1a86\u003c/code\u003e\u003c/a\u003e chore: update author URL in package.json (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8080\"\u003e#8080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c\"\u003e\u003ccode\u003ef5235bb\u003c/code\u003e\u003c/a\u003e Publish v3.1062.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7\"\u003e\u003ccode\u003e71df2cc\u003c/code\u003e\u003c/a\u003e Publish v3.1061.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183\"\u003e\u003ccode\u003e8aeb92d\u003c/code\u003e\u003c/a\u003e Publish v3.1060.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b\"\u003e\u003ccode\u003e75bb4fc\u003c/code\u003e\u003c/a\u003e Publish v3.1059.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45\"\u003e\u003ccode\u003e6b082a6\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6\"\u003e\u003ccode\u003ed7602d4\u003c/code\u003e\u003c/a\u003e Publish v3.1058.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e836d5c0437f234ca692615924cf7f88cf2748c6\"\u003e\u003ccode\u003ee836d5c\u003c/code\u003e\u003c/a\u003e Publish v3.1057.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4b035429227c5be4093e5b3898a4eb5dc70824b0\"\u003e\u003ccode\u003e4b03542\u003c/code\u003e\u003c/a\u003e Publish v3.1056.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/packages/s3-request-presigner\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@azure/storage-blob` from 12.26.0 to 12.32.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/storage-blob/CHANGELOG.md\"\u003e@​azure/storage-blob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e12.32.0 (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIncludes all features released in 12.32.0-beta.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.32.0-beta.1 (2026-03-05)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for service version 2026-04-06.\u003c/li\u003e\n\u003cli\u003eAdded support for Content Validation via Structured Message.\u003c/li\u003e\n\u003cli\u003eAdded support for Delete Blob Conditional Tier.\u003c/li\u003e\n\u003cli\u003eAdded support for Server-side Encryption Rekeying.\u003c/li\u003e\n\u003cli\u003eAdded cross-tenant support for Principal-Bound User Delegation SAS.\u003c/li\u003e\n\u003cli\u003eAdded support for Dynamic User Delegation SAS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.31.0 (2026-02-10)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhanced \u003ccode\u003ereadableStreamBody\u003c/code\u003e type to include \u003ccode\u003e.destroy()\u003c/code\u003e method, making stream cancellation more type-safe without requiring type casting.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated minimum version of \u003ccode\u003e@azure/storage-common\u003c/code\u003e to \u003ccode\u003e^12.3.0\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.30.0 (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIncludes all features released in 12.30.0-beta.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.30.0-beta.1 (2025-11-24)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for service version 2026-02-06.\u003c/li\u003e\n\u003cli\u003eAdded support for the StartFrom parameter on BlobContainerClient.listBlobs() and .listBlobsByHierarchy().\u003c/li\u003e\n\u003cli\u003eAdded support for Principal-Bound Identity User Delegation SAS\u003c/li\u003e\n\u003cli\u003eAdded support for conditional headers on BlobBaseClient.getTags(), and .getTags().\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor to import and re-export common APIs from \u003ccode\u003e@azure/storage-common\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12.29.1 (2025-10-16)\u003c/h2\u003e\n\u003ch3\u003eFeatures Added\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/d740d83f7a558e4b10f7f2ff010c94fe6e4f016f\"\u003e\u003ccode\u003ed740d83\u003c/code\u003e\u003c/a\u003e Resolve interface comments (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38702\"\u003e#38702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/ff9fc24b8d0c39aeefb48da2e223cc7f7c8448d3\"\u003e\u003ccode\u003eff9fc24\u003c/code\u003e\u003c/a\u003e Update package version for stg101 (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38623\"\u003e#38623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/603366dcbcdf287f9032301cdd2d3b642598c4a3\"\u003e\u003ccode\u003e603366d\u003c/code\u003e\u003c/a\u003e [storage] update streamToBuffer helpers to handle chunks correctly (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38465\"\u003e#38465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/3de1abed3cc6bba886c0381feb1c3de013f22506\"\u003e\u003ccode\u003e3de1abe\u003c/code\u003e\u003c/a\u003e Add imports field to all warp-built packages (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38391\"\u003e#38391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/0aa0f0f78debca83fd0976ab581d282d3823b486\"\u003e\u003ccode\u003e0aa0f0f\u003c/code\u003e\u003c/a\u003e Add react-native devDependency to packages with RN targets (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38392\"\u003e#38392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/e8f0055e347ccd2cd9d282d45f4dc3e6fbf1137f\"\u003e\u003ccode\u003ee8f0055\u003c/code\u003e\u003c/a\u003e chore: Update registry for all package.json and adjust check rules (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/38281\"\u003e#38281\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/8226e6f9f053b04be4274617057627ddf883bcfe\"\u003e\u003ccode\u003e8226e6f\u003c/code\u003e\u003c/a\u003e [test] Fix swapped assertion arguments across test files (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37972\"\u003e#37972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/65c0ccc3ac17dbd3a8f6ccd712f947ea878b3124\"\u003e\u003ccode\u003e65c0ccc\u003c/code\u003e\u003c/a\u003e feat(warp): explicit CJS via moduleType, esbuild ESM→CJS transform (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37893\"\u003e#37893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/7b9b6aac5f2d4861087434c6cd38de3d91463278\"\u003e\u003ccode\u003e7b9b6aa\u003c/code\u003e\u003c/a\u003e Storage/content checksum (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37208\"\u003e#37208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commit/460a94d1f1aae2a497dac32257089f01acbcb444\"\u003e\u003ccode\u003e460a94d\u003c/code\u003e\u003c/a\u003e [warp] Migrate storage packages to warp with type-compatible browser … (\u003ca href=\"https://github.com/Azure/azure-sdk-for-js/tree/HEAD/sdk/storage/storage-blob/issues/37443\"\u003e#37443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Azure/azure-sdk-for-js/commits/@azure/storage-blob_12.32.0/sdk/storage/storage-blob\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@databricks/sql` from 1.12.0 to 1.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/releases\"\u003e@​databricks/sql's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd SPOG routing support: parse \u003ccode\u003e?o=\u0026lt;workspaceId\u0026gt;\u003c/code\u003e from \u003ccode\u003ehttpPath\u003c/code\u003e and inject \u003ccode\u003ex-databricks-org-id\u003c/code\u003e on Thrift, telemetry, and feature-flag requests. Expose \u003ccode\u003ecustomHeaders\u003c/code\u003e on \u003ccode\u003eConnectionOptions\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#391\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTelemetry: enable by default with feature-flag-controlled priority, and fix final-flush dropping on \u003ccode\u003eclient.close()\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#327\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/391\"\u003e#391\u003c/a\u003e by \u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#363\u003c/code\u003e\u003ca href=\"https://github.com/msrathore-db\"\u003e\u003ccode\u003e@​msrathore-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: use a valid SPDX license identifier in \u003ccode\u003epackage.json\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#389\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#366\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#333\u003c/code\u003e\u003ca href=\"https://github.com/vikrantpuppala\"\u003e\u003ccode\u003e@​vikrantpuppala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#325\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/326\"\u003e#326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAdd token federation support\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#318\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/319\"\u003edatabricks/databricks-sql-nodejs#319\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/320\"\u003edatabricks/databricks-sql-nodejs#320\u003c/a\u003e by \u003ca href=\"https://github.com/madhav-db\"\u003e\u003ccode\u003e@​madhav-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdd metric view metadata support\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#312\u003c/code\u003e\u003ca href=\"https://github.com/shivam2680\"\u003e\u003ccode\u003e@​shivam2680\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFix:\u003c/strong\u003e Avoid calling \u003ccode\u003erequire('lz4')\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#316\u003c/code\u003e\u003ca href=\"https://github.com/ikkala\"\u003e\u003ccode\u003e@​ikkala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFix flaky Iterator tests\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#313\u003c/code\u003e\u003ca href=\"https://github.com/shivam2680\"\u003e\u003ccode\u003e@​shivam2680\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRemove notification spam\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#322\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdd telemetry foundation\u003c/strong\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#324\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ikkala\"\u003e\u003ccode\u003e@​ikkala\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/pull/316\"\u003edatabricks/databricks-sql-nodejs#316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/madhav-db\"\u003e\u003ccode\u003e@​madhav-db\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/pull/318\"\u003edatabricks/databricks-sql-nodejs#318\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/compare/1.12.0...1.13.0\"\u003ehttps://github.com/databricks/databricks-sql-nodejs/compare/1.12.0...1.13.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/blob/main/CHANGELOG.md\"\u003e@​databricks/sql's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd SPOG routing support: parse \u003ccode\u003e?o=\u0026lt;workspaceId\u0026gt;\u003c/code\u003e from \u003ccode\u003ehttpPath\u003c/code\u003e and inject \u003ccode\u003ex-databricks-org-id\u003c/code\u003e on Thrift, telemetry, and feature-flag requests. Expose \u003ccode\u003ecustomHeaders\u003c/code\u003e on \u003ccode\u003eConnectionOptions\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#391\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTelemetry: enable by default with feature-flag-controlled priority, and fix final-flush dropping on \u003ccode\u003eclient.close()\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#327\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/391\"\u003e#391\u003c/a\u003e by \u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#363\u003c/code\u003e\u003ca href=\"https://github.com/msrathore-db\"\u003e\u003ccode\u003e@​msrathore-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: use a valid SPDX license identifier in \u003ccode\u003epackage.json\u003c/code\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#389\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#366\u003c/code\u003e\u003ca href=\"https://github.com/sreekanth-db\"\u003e\u003ccode\u003e@​sreekanth-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#333\u003c/code\u003e\u003ca href=\"https://github.com/vikrantpuppala\"\u003e\u003ccode\u003e@​vikrantpuppala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#325\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/326\"\u003e#326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#318\u003c/code\u003e\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/319\"\u003edatabricks/databricks-sql-nodejs#319\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/320\"\u003edatabricks/databricks-sql-nodejs#320\u003c/a\u003e by \u003ca href=\"https://github.com/madhav-db\"\u003e\u003ccode\u003e@​madhav-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#312\u003c/code\u003e\u003ca href=\"https://github.com/shivam2680\"\u003e\u003ccode\u003e@​shivam2680\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#316\u003c/code\u003e\u003ca href=\"https://github.com/ikkala\"\u003e\u003ccode\u003e@​ikkala\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#324\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edatabricks/databricks-sql-nodejs#327\u003c/code\u003e\u003ca href=\"https://github.com/samikshya-db\"\u003e\u003ccode\u003e@​samikshya-db\u003c/code\u003e\u003c/a\u003e).\n\u003cstrong\u003eDefault change:\u003c/strong\u003e \u003ccode\u003etelemetryEnabled\u003c/code\u003e now defaults to \u003ccode\u003etrue\u003c/code\u003e (gated by a remote feature flag).\nTo opt out programmatically, pass \u003ccode\u003etelemetryEnabled: false\u003c/code\u003e to \u003ccode\u003econnect()\u003c/code\u003e.\nTo disable globally without code changes, set the environment variable\n\u003ccode\u003eDATABRICKS_TELEMETRY_DISABLED\u003c/code\u003e to one of \u003ccode\u003e1\u003c/code\u003e, \u003ccode\u003etrue\u003c/code\u003e, \u003ccode\u003eyes\u003c/code\u003e, or \u003ccode\u003eon\u003c/code\u003e\n(case-insensitive). Other values (empty, \u003ccode\u003e0\u003c/code\u003e, \u003ccode\u003efalse\u003c/code\u003e, etc.) are ignored\n— the runtime config takes precedence.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/e200a1bc7de6d3ddf12aae2f6bccf4cd281e4fcb\"\u003e\u003ccode\u003ee200a1b\u003c/code\u003e\u003c/a\u003e prepare release 1.15.0 (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/395\"\u003e#395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/61805a6f4f788206a97bb6467a08dce430cbf4e0\"\u003e\u003ccode\u003e61805a6\u003c/code\u003e\u003c/a\u003e fix: use valid SPDX license identifier in package.json (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/389\"\u003e#389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/fab2288bc7efe8660868b02131969f6090975cba\"\u003e\u003ccode\u003efab2288\u003c/code\u003e\u003c/a\u003e [XTA-15079] Add SPOG ?o= routing support and fix final-flush auth on close (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/7e04c7c403dd18436082b33cc237b49dd8f367da\"\u003e\u003ccode\u003e7e04c7c\u003c/code\u003e\u003c/a\u003e docs: telemetry user guide, design spec, and test summary (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/364\"\u003e#364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/5f1728a9d996817d542aeefe128ec36cd627bffd\"\u003e\u003ccode\u003e5f1728a\u003c/code\u003e\u003c/a\u003e [4/7] Telemetry Event Emission and Aggregation (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/327\"\u003e#327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/6a4a7c469a1e4ada96b8491f1e211e4cb203cbb3\"\u003e\u003ccode\u003e6a4a7c4\u003c/code\u003e\u003c/a\u003e Fix Azure AD OAuth: tenant-aware discovery URL + correct scope resource (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/f05f8a96b8920c752278ae9623eb6ebbe5b66b4e\"\u003e\u003ccode\u003ef05f8a9\u003c/code\u003e\u003c/a\u003e prepare release 1.14.0 (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/c6676020d72f2547266d52ff420428b8ff144bcb\"\u003e\u003ccode\u003ec667602\u003c/code\u003e\u003c/a\u003e Statement level query tag in NodeJS connector (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/de440ef6586cd3abe4e216cd6693cd4eb5b26134\"\u003e\u003ccode\u003ede440ef\u003c/code\u003e\u003c/a\u003e [3/7] Telemetry Client Management: TelemetryClient and Provider (\u003ca href=\"https://redirect.github.com/databricks/databricks-sql-nodejs/issues/326\"\u003e#326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/commit/3a5e659f126fb3bfd0323159f0bf7c716487a593\"\u003e\u003ccode\u003e3a5e659\u003c/code\u003e\u003c/a\u003e fix: route telemetry HTTP through shared connection stack; fix close() flush ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/databricks/databricks-sql-nodejs/compare/1.12.0...1.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​databricks/sql\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.0.0 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/anthropic` from 1.3.15 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/anthropic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10777\"\u003e#10777\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/0cfcfc66897d8fafeb7e7ed90b7299eace9a7c37\"\u003e\u003ccode\u003e0cfcfc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/jonaslalin\"\u003e\u003ccode\u003e@​jonaslalin\u003c/code\u003e\u003c/a\u003e! - feat(anthropic): support strict tool calling for custom tools\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.3.27\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10726\"\u003e#10726\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/ad153c185b6cf813d4b7695740d9a4453d2cb63f\"\u003e\u003ccode\u003ead153c1\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - feat(anthropic): add Claude Opus 4.7 compatibility updates\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies [\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/589f29ce844eb252c2d5e6b0f8d26de37763a0d7\"\u003e\u003ccode\u003e589f29c\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2e9e6969e248a53ede0659a41d0ac8dbaf291ab4\"\u003e\u003ccode\u003e2e9e696\u003c/code\u003e\u003c/a\u003e]:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.41\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b19e4f84d747b481879363b4884c20eb1c0f1a4\"\u003e\u003ccode\u003e1b19e4f\u003c/code\u003e\u003c/a\u003e chore: version packages (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10899\"\u003e#10899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/426e3aba21016d9ee070c3d130f74ae0047c9ce5\"\u003e\u003ccode\u003e426e3ab\u003c/code\u003e\u003c/a\u003e chore: fix uuid changeset (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10916\"\u003e#10916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/245c98216ce4a6c4340954711a7ad60203283424\"\u003e\u003ccode\u003e245c982\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10914\"\u003e#10914\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/126dac5a7a2fac5978448185893038ac8ea6d994\"\u003e\u003ccode\u003e126dac5\u003c/code\u003e\u003c/a\u003e chore(deps): bump brace-expansion from 5.0.5 to 5.0.6 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10912\"\u003e#10912\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1abe24becdddce94c5bd2acfaf920b60a683f22b\"\u003e\u003ccode\u003e1abe24b\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-uri from 3.1.0 to 3.1.2 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10913\"\u003e#10913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/229a7ad67b9a7ebd8df3ca451e0b8195bea0190e\"\u003e\u003ccode\u003e229a7ad\u003c/code\u003e\u003c/a\u003e fix(openai): preserve v1 assistant tool calls (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10902\"\u003e#10902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e fix(core): share fakeModel invocation state across bindTools instances (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10901\"\u003e#10901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a0cd7477e59677c8d15e0e70b374afa0a2410582\"\u003e\u003ccode\u003ea0cd747\u003c/code\u003e\u003c/a\u003e chore(deps): bump fast-xml-builder from 1.1.5 to 1.1.9 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10910\"\u003e#10910\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/b208e625865fc7487876b652f479dbf854263e68\"\u003e\u003ccode\u003eb208e62\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address from 10.1.0 to 10.2.0 (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10909\"\u003e#10909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f7e50fb8b98bd9969c0f5cf0967a06df15453453\"\u003e\u003ccode\u003ef7e50fb\u003c/code\u003e\u003c/a\u003e feat(google): Service tier and custom headers (\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/issues/10704\"\u003e#10704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/langchain-ai/langchainjs/compare/@langchain/anthropic@1.3.15...@langchain/anthropic@1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@langchain/core` from 1.1.19 to 1.1.48\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/langchain-ai/langchainjs/releases\"\u003e@​langchain/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.48\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10832\"\u003e#10832\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1b24369a970ad6f56f1f428027f48601f87e62eb\"\u003e\u003ccode\u003e1b24369\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/info-arnav\"\u003e\u003ccode\u003e@​info-arnav\u003c/code\u003e\u003c/a\u003e! - fix(core, openrouter): make CJS default re-exports callable\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10666\"\u003e#10666\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/2bb55b053f49f89e81e3252a7af08e86d71ddd95\"\u003e\u003ccode\u003e2bb55b0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hnustwjj\"\u003e\u003ccode\u003e@​hnustwjj\u003c/code\u003e\u003c/a\u003e! - feat(openrouter): surface reasoning content as v1 standard content blocks\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003econvertOpenRouterResponseToBaseMessage\u003c/code\u003e and\n\u003ccode\u003econvertOpenRouterDeltaToBaseMessageChunk\u003c/code\u003e now copy OpenRouter's\n\u003ccode\u003ereasoning\u003c/code\u003e (flat string) and \u003ccode\u003ereasoning_details\u003c/code\u003e (structured array) fields\nonto \u003ccode\u003eadditional_kwargs.reasoning_content\u003c/code\u003e / \u003ccode\u003eadditional_kwargs.reasoning_details\u003c/code\u003e.\nA new \u003ccode\u003eChatOpenRouterTranslator\u003c/code\u003e is registered in \u003ccode\u003e@langchain/core\u003c/code\u003e under\nthe \u003ccode\u003e\u0026quot;openrouter\u0026quot;\u003c/code\u003e provider key so \u003ccode\u003eAIMessage.contentBlocks\u003c/code\u003e emits standard\n\u003ccode\u003e{type: \u0026quot;reasoning\u0026quot;}\u003c/code\u003e blocks alongside text and tool calls.\u003c/p\u003e\n\u003cp\u003ePreviously, reasoning text returned by reasoning-capable models routed\nthrough OpenRouter (DeepSeek R1, Minimax M2, Claude extended thinking,\no-series, etc.) was silently dropped: only the \u003ccode\u003ereasoning_tokens\u003c/code\u003e count\nwas preserved via \u003ccode\u003eusage_metadata\u003c/code\u003e. Consumers using standard content blocks\n(including the frontend agent UI patterns shown in the docs) could not\ndisplay the model's chain of thought.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10918\"\u003e#10918\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3999fab55870c6eea22d6d90c08aa472f9b2fac3\"\u003e\u003ccode\u003e3999fab\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(openai): stream custom tool calls through Responses API chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.47\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10906\"\u003e#10906\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f61b3450f275831e47e69c08899b4a2b67b4bdb3\"\u003e\u003ccode\u003ef61b345\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - feat(core): add uuid v6 utility support\u003c/p\u003e\n\u003cp\u003eAdd \u003ccode\u003ev6\u003c/code\u003e UUID generation support to \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e by vendoring the upstream uuidjs \u003ccode\u003ev6\u003c/code\u003e implementation and its \u003ccode\u003ev1ToV6\u003c/code\u003e helper, exporting \u003ccode\u003ev6\u003c/code\u003e from the UUID utils index, and adding tests for deterministic generation, buffer/offset behavior, validation/versioning, and ordering.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10872\"\u003e#10872\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/a64007997a4940f51bba3c1c83dae89d1ccfb692\"\u003e\u003ccode\u003ea640079\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(deps): remove redundant \u003ccode\u003e@​types/uuid\u003c/code\u003e declarations\u003c/p\u003e\n\u003cp\u003eRemove \u003ccode\u003e@types/uuid\u003c/code\u003e from package manifests that rely on \u003ccode\u003e@langchain/core/utils/uuid\u003c/code\u003e or do not require uuid type stubs directly, and refresh the lockfile entries accordingly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10792\"\u003e#10792\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/3682268cd1844b2573b01f07bee367e21cb7bdc7\"\u003e\u003ccode\u003e3682268\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): apply v1 message casting after implicit streaming aggregation\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10901\"\u003e#10901\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/f26fc4a6f461d6d0f86d59bd00197ad510432c4a\"\u003e\u003ccode\u003ef26fc4a\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/christian-bromann\"\u003e\u003ccode\u003e@​christian-bromann\u003c/code\u003e\u003c/a\u003e! - fix(testing): share fakeModel invocation state across bindTools instances\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​langchain/core\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.46\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10847\"\u003e#10847\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/1659e7d36e31e315c890fa98f43db887f7a2d52b\"\u003e\u003ccode\u003e1659e7d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/hntrl\"\u003e\u003ccode\u003e@​hntrl\u003c/code\u003e\u003c/a\u003e! - chore(core): reduce transitive dependency exposure and tighten release hygiene\u003c/p\u003e\n\u003cp\u003eRemove direct runtime dependencies on \u003ccode\u003eansi-styles\u003c/code\u003e, \u003ccode\u003ecamelcase\u003c/code\u003e, and \u003ccode\u003edecamelize\u003c/code\u003e\nby inlining equivalent logic in core internals, and enable npm provenance in the\nrelease workflow.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/langchain-ai/langchainjs/pull/10790\"\u003e#10790\u003c/a\u003e \u003ca href=\"https://github.com/langchain-ai/langchainjs/commit/ef78bc6a21f9a8808ba95c98db2023f0a6b51bcc\"\u003e\u003ccode\u003eef78bc6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Genmin\"\u003e\u003ccode\u003e@​Genmin\u003c/code\u003e\u003c/a\u003e! - fix(core): keep different content block types separate when merging chunks\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/srini-lingareddy-ext-ey/knecta/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/srini-lingareddy-ext-ey%2Fknecta/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"9.1.1","new_version":"9.1.3","update_type":"patch","path":null,"pr_created_at":"2026-06-04T05:03:02.000Z","version_change":"9.1.1 → 9.1.3","issue":{"uuid":"4585962915","node_id":"PR_kwDOSwnLhs7iiPmI","number":6,"state":"closed","title":"chore(deps): bump the minor-and-patch group with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-08T06:26:09.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-04T05:03:02.000Z","updated_at":"2026-06-08T06:26:11.000Z","time_to_close":350587,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":8,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@playwright/test","old_version":"1.59.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@types/node","old_version":"25.6.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@types/vscode","old_version":"1.116.0","new_version":"1.120.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint","old_version":"10.2.0","new_version":"10.4.1","repository_url":"https://github.com/eslint/eslint"},{"name":"knip","old_version":"6.4.1","new_version":"6.15.0","repository_url":"https://github.com/webpro-nl/knip"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"typescript-eslint","old_version":"8.58.2","new_version":"8.60.1","repository_url":"https://github.com/typescript-eslint/typescript-eslint"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 8 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.9.1` |\n| [@types/vscode](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/vscode) | `1.116.0` | `1.120.0` |\n| [eslint](https://github.com/eslint/eslint) | `10.2.0` | `10.4.1` |\n| [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) | `6.4.1` | `6.15.0` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.58.2` | `8.60.1` |\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@playwright/test` from 1.59.1 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.59.1...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.6.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/vscode` from 1.116.0 to 1.120.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/vscode\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.2.0 to 10.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6d7c832950d5e92499d88e504080661f888f8f56\"\u003e\u003ccode\u003e6d7c832\u003c/code\u003e\u003c/a\u003e chore: ignore fflate updates in renovate (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20908\"\u003e#20908\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b2c86382164d87c6203b78d52068cd6a2a6ffe30\"\u003e\u003ccode\u003eb2c8638\u003c/code\u003e\u003c/a\u003e ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20889\"\u003e#20889\u003c/a\u003e) (dependabot[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/a9b8d7f74c50211701cfc49710fa541fd91b2aa5\"\u003e\u003ccode\u003ea9b8d7f\u003c/code\u003e\u003c/a\u003e chore: increase maxBuffer for ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20881\"\u003e#20881\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b702ead5e1ed7cb9f28238a454797662efb37396\"\u003e\u003ccode\u003eb702ead\u003c/code\u003e\u003c/a\u003e chore: update ecosystem update PR settings (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20884\"\u003e#20884\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/507f60e9a78c9a902bc8759f066ae17a1ea6cd81\"\u003e\u003ccode\u003e507f60e\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20882\"\u003e#20882\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/92f5c5bb6bf3a5d167c8ee53a430833410295c6d\"\u003e\u003ccode\u003e92f5c5b\u003c/code\u003e\u003c/a\u003e test: add unit test for message-count (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20878\"\u003e#20878\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/df321080af5758b1fa25e4b9a40e26135642dd6e\"\u003e\u003ccode\u003edf32108\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003e@​eslint/markdown\u003c/code\u003e and typescript-eslint ecosystem tests (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20837\"\u003e#20837\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/327f91d36aa49f2a50ded931d841a16374fd875f\"\u003e\u003ccode\u003e327f91d\u003c/code\u003e\u003c/a\u003e chore: use includeIgnoreFile internally (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20876\"\u003e#20876\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f0dc4bd893fb3a9f44e4ddc3ad7063ffb0beacd3\"\u003e\u003ccode\u003ef0dc4bd\u003c/code\u003e\u003c/a\u003e chore: pin fflate@0.8.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20877\"\u003e#20877\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/0f4bd257a67a082b756de746d9e0c4842ab764ca\"\u003e\u003ccode\u003e0f4bd25\u003c/code\u003e\u003c/a\u003e ci: run Discord alert for ecosystem test failures (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20873\"\u003e#20873\u003c/a\u003e) (Copilot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1a45ec596af1dd5f880e6874cb8f24dafb6a7ecf\"\u003e\u003ccode\u003e1a45ec5\u003c/code\u003e\u003c/a\u003e feat: check sequence expressions in \u003ccode\u003efor-direction\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20701\"\u003e#20701\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/450040bd89b989b3531824c6be45feb5fe3d936b\"\u003e\u003ccode\u003e450040b\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eincludeIgnoreFile()\u003c/code\u003e to \u003ccode\u003eeslint/config\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20735\"\u003e#20735\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/544c0c3da589166ad8e5d634f35d3d06701c57be\"\u003e\u003ccode\u003e544c0c3\u003c/code\u003e\u003c/a\u003e fix: escape code path DOT labels in debug output (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20866\"\u003e#20866\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/6799431203f2579632d0870f98ba132067f4040c\"\u003e\u003ccode\u003e6799431\u003c/code\u003e\u003c/a\u003e fix: update dependency \u003ccode\u003e@​eslint/config-helpers\u003c/code\u003e to ^0.6.0 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20850\"\u003e#20850\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f078fef5005dceb14fc162aab7c7200e027688dd\"\u003e\u003ccode\u003ef078fef\u003c/code\u003e\u003c/a\u003e fix: handle non-array deprecated rule replacements (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20825\"\u003e#20825\u003c/a\u003e) (xbinaryx)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7e52a7151fb92eec0e0f67fe4e5ddbd1ccce796f\"\u003e\u003ccode\u003e7e52a71\u003c/code\u003e\u003c/a\u003e docs: add mention of \u003ccode\u003e@eslint-react/eslint-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20869\"\u003e#20869\u003c/a\u003e) (Pavel)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/db3468ba746407d7f286f18f7ea9db6df0e3bc08\"\u003e\u003ccode\u003edb3468b\u003c/code\u003e\u003c/a\u003e docs: tweak wording around ambiguous CJS-vs-ESM config (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20865\"\u003e#20865\u003c/a\u003e) (Kirk Waiblinger)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/90846643ec6e97d447ae0d831fabe6d17b0a998a\"\u003e\u003ccode\u003e9084664\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9cc73875046e3c4b8313644cbb1e99e26b36bd3f\"\u003e\u003ccode\u003e9cc7387\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/3d7b5484407403817aa9071a394d336d8ea96eb5\"\u003e\u003ccode\u003e3d7b548\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/191ec3c0a3f94ce0f110df761f0b2b8949011ccb\"\u003e\u003ccode\u003e191ec3c\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/4a3d15a99c452c4db2fd56b577fa7597e98ab0c2\"\u003e\u003ccode\u003e4a3d15a\u003c/code\u003e\u003c/a\u003e 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/43e7e2bdc5c6cacc535446b7d23c10f780384ba8\"\u003e\u003ccode\u003e43e7e2b\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20\"\u003e#20\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.2.0...v10.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `knip` from 6.4.1 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpro-nl/knip/releases\"\u003eknip's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 6.15.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReport exported type used only in inferred-return function body (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1765\"\u003e#1765\u003c/a\u003e) (2413408753f7abc7a9dfdba520990afd18c53ee0)\u003c/li\u003e\n\u003cli\u003eWork that EXPORTS.md again (7e13451fab7ad85362fb63a4715ea450690aedef)\u003c/li\u003e\n\u003cli\u003eUpdate npmx ecosystem snapshot (dfc401145a880f156c66eb83ea1622a99540304a)\u003c/li\u003e\n\u003cli\u003eLink \u003ccode\u003edependencies\u003c/code\u003e key with notes (closes \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1764\"\u003e#1764\u003c/a\u003e) (e3e66cea9e946558940bf8705129efea3f23b3ba)\u003c/li\u003e\n\u003cli\u003eResolve tsconfig paths when loading plugin configs (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1762\"\u003e#1762\u003c/a\u003e) (0177c7466559e2ae99b5e1cd1e3a8043ca494edc) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eAvoid caching failed plugin config loads (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1768\"\u003e#1768\u003c/a\u003e) (5e201cde9b1ba2568ead2ae790ab888c966828ae) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eResolve extensionless .sass imports in SCSS compiler (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1770\"\u003e#1770\u003c/a\u003e) (30c22835383b2355787cc2a871b22de80ff75544) - thanks \u003ca href=\"https://github.com/sebacardello\"\u003e\u003ccode\u003e@​sebacardello\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003efix(vite): detect inline module script entry points in index.html (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1772\"\u003e#1772\u003c/a\u003e) (51f4eddc9e1b2fed1ba25e81fc596e9fb514ce01) - thanks \u003ca href=\"https://github.com/lucas-spin\"\u003e\u003ccode\u003e@​lucas-spin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eHarden vite inline module script import detection (b8abcfd2f4f5486aea08a934514bc55de86be030)\u003c/li\u003e\n\u003cli\u003eUse RecordableHistogram for timerified function stats (d575c6905704af1b0b4620edd874fc09bc86ed28)\u003c/li\u003e\n\u003cli\u003eAdd orval plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1751\"\u003e#1751\u003c/a\u003e) (4c82aa82c2a02fbda27a316389f210d11621f8cb)\u003c/li\u003e\n\u003cli\u003eAdd treatTagHintsAsErrors and --no-tag-hints (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1767\"\u003e#1767\u003c/a\u003e) (4b6a573e0c1e0daf65c76c32f7336ea71db6bb64)\u003c/li\u003e\n\u003cli\u003eAdd nano-spawn plugin (resolves \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1769\"\u003e#1769\u003c/a\u003e) (b2cad06dfd9958485537c5545c6c497fc8823ac3)\u003c/li\u003e\n\u003cli\u003eSimplify glob cache validation and ignore-list assembly (df1a9603a5ea8ed7bad9588bf13672cedf37c90e)\u003c/li\u003e\n\u003cli\u003eDedupe ignore-pattern collection and dependency fixing (d49b626ad6736d7123d44568ef8c42a3e1d28aa3)\u003c/li\u003e\n\u003cli\u003eSimplify installed-binaries collection in manifest metadata (55143941eebbc8dac12c79b77c1f65a8b61dfbef)\u003c/li\u003e\n\u003cli\u003eFlatten control flow in ConfigurationChief (010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5)\u003c/li\u003e\n\u003cli\u003eInline trivial installed-binaries and types-included accessors (b5afb9f29e3474eee4bf276c1de83cb0682a5663)\u003c/li\u003e\n\u003cli\u003eFormat (eb4b178d5d90a719cdc576d644766f8f95a47876)\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003e@​wdio/types\u003c/code\u003e dev dep with inline types (a3747d61ee0e594854e5da0ca6cb7597e0096b99)\u003c/li\u003e\n\u003cli\u003eBump dependencies (822ab3905cb7b5a216404231607a7820105930a2)\u003c/li\u003e\n\u003cli\u003eWork AGENTS.md, etcetera (361bd4803934a01e01b08170565f8374e4e49eb2)\u003c/li\u003e\n\u003cli\u003eRemove rootDirs workaround resolved by oxc-resolver 11.20.0 (e190a9fec22db41975cf9568a31970a05c86e66b)\u003c/li\u003e\n\u003cli\u003eAdd nuxt no-root-tsconfig fixture guarding alias resolution (e3e5bc94d5f7b6ffdbc89b18d7c8d5acbb5a9008)\u003c/li\u003e\n\u003cli\u003eAllow extra args for release-it (f9c59952fa2c8c4c13bd42edc0935610900d1980)\u003c/li\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/vercel\"\u003e\u003ccode\u003e@​vercel\u003c/code\u003e\u003c/a\u003e as platinum sponsor (c4c06a9149c986680f0d1aa74b57a46ff1f88601)\u003c/li\u003e\n\u003cli\u003eOverhaul \u0026amp; improve --trace functionailty (60df0b05f364c8d841c0f784a06bab2a3215a32f)\u003c/li\u003e\n\u003cli\u003eRe-gen plugins.md (0f9d044d312053154498a562e3a9422a4f44afe6)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.14.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix vscode-knip build: pin native oxc bindings to bundled JS version (1b45a4103312c9c059560ae2e1eac25d86b4e2ac)\u003c/li\u003e\n\u003cli\u003eRelease vscode-knip@2.1.5 (328892eb04e65b4702e1ef2303db3156b8f2e1a3)\u003c/li\u003e\n\u003cli\u003eFix Astro plugin to support both possible middleware entry points (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1749\"\u003e#1749\u003c/a\u003e) (33e0cc1a530a8cf5b6b05c8b3a3ca55f8fce8a75) - thanks \u003ca href=\"https://github.com/schmalz-dmi\"\u003e\u003ccode\u003e@​schmalz-dmi\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix LICENSE link (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1760\"\u003e#1760\u003c/a\u003e) (829620f9077ddea086a610c279c7c1250dd66e11) - thanks \u003ca href=\"https://github.com/vortispy\"\u003e\u003ccode\u003e@​vortispy\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix GraphQL Codegen script config dependencies (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1756\"\u003e#1756\u003c/a\u003e) (e841c6355e7eff240e74010bfd2be8bbb22ff2b6) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eSet pnpm config via env vars, disable verify-deps in ecosystem tests (53c12248cc3e79fd79f3efde691d463fc795c40f)\u003c/li\u003e\n\u003cli\u003eUpdate slonik ecosystem snapshot (f18410b34c8554364a9f003660bebae5e826de57)\u003c/li\u003e\n\u003cli\u003eFix Serverless TypeScript plugin dependencies (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1757\"\u003e#1757\u003c/a\u003e) (ebde7f8f3e3004db7f51fb5d60a0bdc2452116ef) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix extended tsconfig type dependency attribution (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1758\"\u003e#1758\u003c/a\u003e) (f600b09e562317a37844ed8cdf1b9b46e06c9405) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eFix Bun binary dependency tracking (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1759\"\u003e#1759\u003c/a\u003e) (1b289239f35ff2912195b7e39a96c667c54c1fc5) - thanks \u003ca href=\"https://github.com/jakeleventhal\"\u003e\u003ccode\u003e@​jakeleventhal\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eDetect Babel plugins/presets in Vite plugin options (resolve \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1761\"\u003e#1761\u003c/a\u003e) (2753d6910743a12a207fca81cb8325c00803963a)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.14.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDetect dynamic imports in Svelte compiler (\u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1747\"\u003e#1747\u003c/a\u003e) (e1c1b1705f96ed7d6ac537a7969cbd07d238246a) - thanks \u003ca href=\"https://github.com/jinhyuk9714\"\u003e\u003ccode\u003e@​jinhyuk9714\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eDetect dynamic import attributes; share import matcher with Astro-MDX (9dae64166bbc45be1abeb8d741127d109d48d351)\u003c/li\u003e\n\u003cli\u003eWork the docs (close \u003ca href=\"https://github.com/webpro-nl/knip/tree/HEAD/packages/knip/issues/1746\"\u003e#1746\u003c/a\u003e) (919cba2f11d1979b854c7abaaca8992ee8b08e23)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 6.14.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eResolve imports satisfied via transitive peerDeps (d654ec74d)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/3f3769e37b75e3d35e3713e8435735adc00df52b\"\u003e\u003ccode\u003e3f3769e\u003c/code\u003e\u003c/a\u003e Release knip@6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/60df0b05f364c8d841c0f784a06bab2a3215a32f\"\u003e\u003ccode\u003e60df0b0\u003c/code\u003e\u003c/a\u003e Overhaul \u0026amp; improve --trace functionailty\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/e3e5bc94d5f7b6ffdbc89b18d7c8d5acbb5a9008\"\u003e\u003ccode\u003ee3e5bc9\u003c/code\u003e\u003c/a\u003e Add nuxt no-root-tsconfig fixture guarding alias resolution\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/e190a9fec22db41975cf9568a31970a05c86e66b\"\u003e\u003ccode\u003ee190a9f\u003c/code\u003e\u003c/a\u003e Remove rootDirs workaround resolved by oxc-resolver 11.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/822ab3905cb7b5a216404231607a7820105930a2\"\u003e\u003ccode\u003e822ab39\u003c/code\u003e\u003c/a\u003e Bump dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/a3747d61ee0e594854e5da0ca6cb7597e0096b99\"\u003e\u003ccode\u003ea3747d6\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003e@​wdio/types\u003c/code\u003e dev dep with inline types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/eb4b178d5d90a719cdc576d644766f8f95a47876\"\u003e\u003ccode\u003eeb4b178\u003c/code\u003e\u003c/a\u003e Format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/b5afb9f29e3474eee4bf276c1de83cb0682a5663\"\u003e\u003ccode\u003eb5afb9f\u003c/code\u003e\u003c/a\u003e Inline trivial installed-binaries and types-included accessors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/010d5709b0f9a3adc5ebe6e7169b9f5c4f29abc5\"\u003e\u003ccode\u003e010d570\u003c/code\u003e\u003c/a\u003e Flatten control flow in ConfigurationChief\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpro-nl/knip/commit/55143941eebbc8dac12c79b77c1f65a8b61dfbef\"\u003e\u003ccode\u003e5514394\u003c/code\u003e\u003c/a\u003e Simplify installed-binaries collection in manifest metadata\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpro-nl/knip/commits/knip@6.15.0/packages/knip\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tsx` from 4.21.0 to 4.22.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/privatenumber/tsx/releases\"\u003etsx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.3...v4.22.4\"\u003e4.22.4\u003c/a\u003e (2026-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e1ce8463\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.4\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.2...v4.22.3\"\u003e4.22.3\u003c/a\u003e (2026-05-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode typed loader source (\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003edce02fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve entrypoint with TypeScript preload hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e68f72f3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.3\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.1...v4.22.2\"\u003e4.22.2\u003c/a\u003e (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve CJS JSON require in ESM hooks (\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e35b700b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003epreserve named exports from CommonJS TypeScript (\u003ca href=\"https://github.com/privatenumber/tsx/commit/11de737dae1fb9dae28db3716df5b1a7e1a6a089\"\u003e11de737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport module.exports require(esm) interop (\u003ca href=\"https://github.com/privatenumber/tsx/commit/cf8f19918e4e0a0dc5ee5c52d8cc15e5e22d7c49\"\u003ecf8f199\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.2\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.22.0...v4.22.1\"\u003e4.22.1\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eresolve tsconfig path aliases containing a colon (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/privatenumber/tsx/commit/6979f28810829dc79ec9baf406e162a18b65ab4b\"\u003e6979f28\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eThis release is also available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/tsx/v/4.22.1\"\u003e\u003ccode\u003enpm package (@​latest dist-tag)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/1ce846335b7c445a3328c7d27f06424949356d97\"\u003e\u003ccode\u003e1ce8463\u003c/code\u003e\u003c/a\u003e fix: resolve CommonJS directory requires inside dependencies (\u003ca href=\"https://redirect.github.com/privatenumber/tsx/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/dce02fc3b8b64a58d24560714902b16f89332f1f\"\u003e\u003ccode\u003edce02fc\u003c/code\u003e\u003c/a\u003e fix: decode typed loader source\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/68f72f3304d8c3ff7048bde8571af9c163fcefa2\"\u003e\u003ccode\u003e68f72f3\u003c/code\u003e\u003c/a\u003e fix: preserve entrypoint with TypeScript preload hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/69455cfefbfe71100a3c58d3ce7cea42445d9113\"\u003e\u003ccode\u003e69455cf\u003c/code\u003e\u003c/a\u003e test: cover package exports for ambiguous ESM reexports\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/35b700bd8620696df03827068af29dcd0d091a60\"\u003e\u003ccode\u003e35b700b\u003c/code\u003e\u003c/a\u003e fix: preserve CJS JSON require in ESM hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/ef807dba6832260fb4cafd78d81f5469a733966b\"\u003e\u003ccode\u003eef807db\u003c/code\u003e\u003c/a\u003e chore: update testing dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/3917090d4f61863ea6ea16e4a9a3722a112cc3f7\"\u003e\u003ccode\u003e3917090\u003c/code\u003e\u003c/a\u003e test: document compatibility test taxonomy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/de8113ffa8edbcd4e05fa218324c3e8c2a4afdbe\"\u003e\u003ccode\u003ede8113f\u003c/code\u003e\u003c/a\u003e refactor: centralize Node capability facts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/c1f62db45ada60b24ceb3dfdf7f64173d9a15396\"\u003e\u003ccode\u003ec1f62db\u003c/code\u003e\u003c/a\u003e test: consolidate tsconfig path edge coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/privatenumber/tsx/commit/4e08174ec10276ac71c9a69eb28426ad702d0c76\"\u003e\u003ccode\u003e4e08174\u003c/code\u003e\u003c/a\u003e test: consolidate loader hook coverage\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/privatenumber/tsx/compare/v4.21.0...v4.22.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for tsx since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.58.2 to 8.60.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.60.1\u003c/h2\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e respect ECMAScript line terminators in ts-comment rules (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352\"\u003e#12352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-shadow] correct rule to match ESLint v10 handling (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182\"\u003e#12182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003cli\u003eNevette Bailey \u003ca href=\"https://github.com/nevette-bailey\"\u003e\u003ccode\u003e@​nevette-bailey\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.0\u003c/h2\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-tester:\u003c/strong\u003e added updates of RuleTester from upstream (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12291\"\u003e#12291\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplayground TS version selector is not working (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12326\"\u003e#12326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12325\"\u003e#12325\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEvyatar Daud \u003ca href=\"https://github.com/StyleShit\"\u003e\u003ccode\u003e@​StyleShit\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVinccool96\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.59.4\u003c/h2\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-floating-promises] stack overflow when using recursive types (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12294\"\u003e#12294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eproject-service:\u003c/strong\u003e throw error cause in \u003ccode\u003egetParsedConfigFileFromTSServer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12321\"\u003e#12321\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEvyatar Daud \u003ca href=\"https://github.com/StyleShit\"\u003e\u003ccode\u003e@​StyleShit\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.3 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.3\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.2 (2026-05-04)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.1 (2026-04-27)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68\"\u003e\u003ccode\u003e4f84a69\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964\"\u003e\u003ccode\u003e1849b53\u003c/code\u003e\u003c/a\u003e chore: typecheck using tsgo (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139\"\u003e#12139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/f891c29de5f3e23f3d8c59cc599d3196e54e9b58\"\u003e\u003ccode\u003ef891c29\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ca6ca1431b6d18235297a7e29feb5d98f012dff2\"\u003e\u003ccode\u003eca6ca14\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4b927c607755b2648d5854b9e928c1dbb2b8e088\"\u003e\u003ccode\u003e4b927c6\u003c/code\u003e\u003c/a\u003e fix(typescript-eslint): export Compatible* types from typescript-eslint to re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/48e13c0261e3cb1bf4f4dfaa462cdb3a56ef7383\"\u003e\u003ccode\u003e48e13c0\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/44f9625336841a8ee3eb01a9e02e49b1d7b12648\"\u003e\u003ccode\u003e44f9625\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4.1.5 (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12307\"\u003e#12307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333\"\u003e\u003ccode\u003e2ec35f1\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d\"\u003e\u003ccode\u003e5245793\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ea9ae4f8817873480e3501145059f63e39e8d8a1\"\u003e\u003ccode\u003eea9ae4f\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.1/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/jason2071/sample-pixel-agents/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jason2071%2Fsample-pixel-agents/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"9.1.1","new_version":"9.1.3","update_type":"patch","path":null,"pr_created_at":"2026-06-02T03:39:39.000Z","version_change":"9.1.1 → 9.1.3","issue":{"uuid":"4568198156","node_id":"PR_kwDORKyzps7hnykU","number":252,"state":"open","title":"chore(deps): bump the production-dependencies group with 5 updates","user":"dependabot[bot]","labels":[],"assignees":["berntpopp"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-02T03:39:39.000Z","updated_at":"2026-06-02T03:39:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"production-dependencies","update_count":5,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"plotly.js-basic-dist-min","old_version":"3.5.1","new_version":"3.6.0","repository_url":"https://github.com/plotly/plotly.js"},{"name":"stream-json","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/uhop/stream-json"},{"name":"vue-router","old_version":"5.0.7","new_version":"5.1.0","repository_url":"https://github.com/vuejs/router"},{"name":"vuetify","old_version":"4.0.7","new_version":"4.0.8","repository_url":"https://github.com/vuetifyjs/vuetify"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [plotly.js-basic-dist-min](https://github.com/plotly/plotly.js) | `3.5.1` | `3.6.0` |\n| [stream-json](https://github.com/uhop/stream-json) | `3.1.0` | `3.3.0` |\n| [vue-router](https://github.com/vuejs/router) | `5.0.7` | `5.1.0` |\n| [vuetify](https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify) | `4.0.7` | `4.0.8` |\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `plotly.js-basic-dist-min` from 3.5.1 to 3.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/plotly.js/releases\"\u003eplotly.js-basic-dist-min's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for arrays for the pie property \u003ccode\u003elegendrank\u003c/code\u003e, so that it can be configured per slice [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7723\"\u003e#7723\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehoversort\u003c/code\u003e layout attribute to sort unified hover label items by value [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7734\"\u003e#7734\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/kimsehwan96\"\u003e\u003ccode\u003e@​kimsehwan96\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix unexpected \u003ccode\u003eticklabelindex\u003c/code\u003e behavior when minor ticks are not shown [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7735\"\u003e#7735\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eFix issue where \u003ccode\u003ehoveranywhere\u003c/code\u003e / \u003ccode\u003eclickanywhere\u003c/code\u003e would not emit hover and click events over editable shapes [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7788\"\u003e#7788\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle 'pixel' size mode for shape labels [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7790\"\u003e#7790\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate box plot defaults to fix issue with calling \u003ccode\u003ePlotly.react\u003c/code\u003e to switch from box to violin plot [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7811\"\u003e#7811\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eInclude shapes with \u003ccode\u003elegendgroup\u003c/code\u003e specified when handling legend visibility toggling [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7813\"\u003e#7813\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/plotly/plotly.js/compare/v3.5.1...v3.6.0\"\u003ehttps://github.com/plotly/plotly.js/compare/v3.5.1...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/plotly.js/blob/master/CHANGELOG.md\"\u003eplotly.js-basic-dist-min's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.6.0] -- 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for arrays for the pie property \u003ccode\u003elegendrank\u003c/code\u003e, so that it can be configured per slice [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7723\"\u003e#7723\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ehoversort\u003c/code\u003e layout attribute to sort unified hover label items by value [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7734\"\u003e#7734\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/kimsehwan96\"\u003e\u003ccode\u003e@​kimsehwan96\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix unexpected \u003ccode\u003eticklabelindex\u003c/code\u003e behavior when minor ticks are not shown [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7735\"\u003e#7735\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/my-tien\"\u003e\u003ccode\u003e@​my-tien\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003cli\u003eFix issue where \u003ccode\u003ehoveranywhere\u003c/code\u003e / \u003ccode\u003eclickanywhere\u003c/code\u003e would not emit hover and click events over editable shapes [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7788\"\u003e#7788\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle 'pixel' size mode for shape labels [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7790\"\u003e#7790\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate box plot defaults to fix issue with calling \u003ccode\u003ePlotly.react\u003c/code\u003e to switch from box to violin plot [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7811\"\u003e#7811\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eInclude shapes with \u003ccode\u003elegendgroup\u003c/code\u003e specified when handling legend visibility toggling [\u003ca href=\"https://redirect.github.com/plotly/plotly.js/pull/7813\"\u003e#7813\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/ca26165100b7a76624dd2333e0f5189bfa7f6636\"\u003e\u003ccode\u003eca26165\u003c/code\u003e\u003c/a\u003e 3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/966b223ae4754e4fff28c4dc4d9306bab34195bc\"\u003e\u003ccode\u003e966b223\u003c/code\u003e\u003c/a\u003e updates for release v3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/067ce36d2bb5d9f7b598e00756876ec0827e48ce\"\u003e\u003ccode\u003e067ce36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/plotly.js/issues/7814\"\u003e#7814\u003c/a\u003e from plotly/fix-typo-in-upload-dev-build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/856b506998635edf41112dfc38eb7b4597f8983b\"\u003e\u003ccode\u003e856b506\u003c/code\u003e\u003c/a\u003e Fix typo in property name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/21ce92bbc564ebdd2bcd22cc1643293586ec5b2e\"\u003e\u003ccode\u003e21ce92b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/plotly.js/issues/7811\"\u003e#7811\u003c/a\u003e from plotly/cam/7791/box-to-violin-plot-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/dbefbad33a3abb8278f2fc980c3ba8c1403f364c\"\u003e\u003ccode\u003edbefbad\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/plotly.js/issues/7813\"\u003e#7813\u003c/a\u003e from plotly/cam/6771/fix-legendgroup-toggling-shapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/76296e8820a3ea2df49c1753c42aafc6a955a08e\"\u003e\u003ccode\u003e76296e8\u003c/code\u003e\u003c/a\u003e Add draftlog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/c1b147f0c134d4b2808d9c92b737027480052247\"\u003e\u003ccode\u003ec1b147f\u003c/code\u003e\u003c/a\u003e Add test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/1a08754e6596df00030e9723cabc705d300056ac\"\u003e\u003ccode\u003e1a08754\u003c/code\u003e\u003c/a\u003e Include shapes with legendgroup when handling legend click\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/plotly.js/commit/61b81860b4ee1ac1c5c2361ff2477b69fcd50eb3\"\u003e\u003ccode\u003e61b8186\u003c/code\u003e\u003c/a\u003e Linting/formatting\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/plotly.js/compare/v3.5.1...v3.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `stream-json` from 3.1.0 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/64bebf86f3c4979bde4e81394f6ca60afe37dea5\"\u003e\u003ccode\u003e64bebf8\u003c/code\u003e\u003c/a\u003e Updated deps.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/21bf254b41721d9f7aa208ccd67de898eeee2889\"\u003e\u003ccode\u003e21bf254\u003c/code\u003e\u003c/a\u003e New version: 3.3.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/59ab722661a7f94a820c5f03a660f3e53f282c3c\"\u003e\u003ccode\u003e59ab722\u003c/code\u003e\u003c/a\u003e JSONC parser emits comma and stringer can consume it.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/01e1390fe65c9b7f9a227b1b91d2f72ff97ef899\"\u003e\u003ccode\u003e01e1390\u003c/code\u003e\u003c/a\u003e Added \u003ccode\u003etrailingComma\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/00b34eabae657e0d08d7e5f31788962c780fc686\"\u003e\u003ccode\u003e00b34ea\u003c/code\u003e\u003c/a\u003e Cleaned up JSONL.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/2da75f5f87faf2004f0630daeafc6d3bd1e37ee0\"\u003e\u003ccode\u003e2da75f5\u003c/code\u003e\u003c/a\u003e Delegated JSONL to \u003ccode\u003estream-chain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/9d9b2a4c244292197c9ca52ebe0c8c7b421f3a5c\"\u003e\u003ccode\u003e9d9b2a4\u003c/code\u003e\u003c/a\u003e Added file adapters.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/edd0b85f2d5b2a42d4445de789330ec206831792\"\u003e\u003ccode\u003eedd0b85\u003c/code\u003e\u003c/a\u003e Switched to char parsing for comments.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/09c435f8dfc6483dedcc295ce0e4a26165aa02e1\"\u003e\u003ccode\u003e09c435f\u003c/code\u003e\u003c/a\u003e Updated docs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uhop/stream-json/commit/d51498b257c6ec4e98784f50b6d73c847ce67c12\"\u003e\u003ccode\u003ed51498b\u003c/code\u003e\u003c/a\u003e Fixed stringer export.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uhop/stream-json/compare/3.1.0...3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vue-router` from 5.0.7 to 5.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/router/releases\"\u003evue-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTyped definePage params.path  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vuejs/router/issues/2716\"\u003evuejs/router#2716\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/d65de749\"\u003e\u003c!-- raw HTML omitted --\u003e(d65de)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStrict type for definePage param default  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/0ae10cdd\"\u003e\u003c!-- raw HTML omitted --\u003e(0ae10)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport raw param parsers  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/eadec558\"\u003e\u003c!-- raw HTML omitted --\u003e(eadec)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eForce array type raw param parsers  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/7a68b87c\"\u003e\u003c!-- raw HTML omitted --\u003e(7a68b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow overriding the global Router type  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/1cd93b33\"\u003e\u003c!-- raw HTML omitted --\u003e(1cd93)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEmit runtime warning for invalid format in query params  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/8259a09c\"\u003e\u003c!-- raw HTML omitted --\u003e(8259a)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOverride useRouter() return with experimental types config  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/39a344f7\"\u003e\u003c!-- raw HTML omitted --\u003e(39a34)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow string as a param parser for convenience  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/be37b798\"\u003e\u003c!-- raw HTML omitted --\u003e(be37b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix auto import fixes and make experimental esm only  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/db3a6b37\"\u003e\u003c!-- raw HTML omitted --\u003e(db3a6)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeterministic param parser types order  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/bf0fc9b6\"\u003e\u003c!-- raw HTML omitted --\u003e(bf0fc)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid importing unused param parsers  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/41c00e7c\"\u003e\u003c!-- raw HTML omitted --\u003e(41c00)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFilter invalid query params without failing to match  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/db7178a5\"\u003e\u003c!-- raw HTML omitted --\u003e(db717)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDetect not set format  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/aa89e2ee\"\u003e\u003c!-- raw HTML omitted --\u003e(aa89e)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow undefined values for params in query  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/4726e2b6\"\u003e\u003c!-- raw HTML omitted --\u003e(4726e)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexperimental\u003c/strong\u003e: Repeatable params in subsegments  -  by \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/846640e4\"\u003e\u003c!-- raw HTML omitted --\u003e(84664)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes\u003c/strong\u003e: Add vite as optional peer dependency  -  by \u003ca href=\"https://github.com/ForgottenR\"\u003e\u003ccode\u003e@​ForgottenR\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/posva\"\u003e\u003ccode\u003e@​posva\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eshihuijie\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vuejs/router/issues/2712\"\u003evuejs/router#2712\u003c/a\u003e \u003ca href=\"https://github.com/vuejs/router/commit/facbf6b1\"\u003e\u003c!-- raw HTML omitted --\u003e(facbf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vuejs/router/compare/v5.0.7...v5.1.0\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/c0e3226dabccd7596b996ce851386997ea2d3cca\"\u003e\u003ccode\u003ec0e3226\u003c/code\u003e\u003c/a\u003e release: vue-router@5.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/9ca76720bb7189dbfda1f2cf6255b876517d121c\"\u003e\u003ccode\u003e9ca7672\u003c/code\u003e\u003c/a\u003e chore: fix playgroundc usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/315cc09e6779615434186272503aba71684f7bc4\"\u003e\u003ccode\u003e315cc09\u003c/code\u003e\u003c/a\u003e refactor(experimental): remove defineQueryParamParser and definePathParamParser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/7fa42f455d5fb660b7035722bd9ee373b590cbfb\"\u003e\u003ccode\u003e7fa42f4\u003c/code\u003e\u003c/a\u003e docs: fix gen and dead links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/1b3a0683cbe7d95b5aadaea3b19a435c70489c53\"\u003e\u003ccode\u003e1b3a068\u003c/code\u003e\u003c/a\u003e refactor: organize imports and exports add back Router\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/665be2dda8e770a7e9a2136c9692cf80519ab133\"\u003e\u003ccode\u003e665be2d\u003c/code\u003e\u003c/a\u003e docs: links update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/5d79bd2b9c18db12f87d83e41c014efc10e617c9\"\u003e\u003ccode\u003e5d79bd2\u003c/code\u003e\u003c/a\u003e chore: unused param\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/9ccf3d1758ee53eabe781ceabb46287f645ffa18\"\u003e\u003ccode\u003e9ccf3d1\u003c/code\u003e\u003c/a\u003e docs: experimental\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/eee8ac6c6aee19b05910ae4147faae122869b186\"\u003e\u003ccode\u003eeee8ac6\u003c/code\u003e\u003c/a\u003e chore: playground param parsers testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/router/commit/0194b85b7275ee172024baed3da6fb180a1bda2b\"\u003e\u003ccode\u003e0194b85\u003c/code\u003e\u003c/a\u003e build: build before test:types\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vuejs/router/compare/v5.0.7...v5.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vuetify` from 4.0.7 to 4.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuetifyjs/vuetify/releases\"\u003evuetify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.8\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!CAUTION]\nVuetify Needs Your Support! The OpenCollective funds dried up. We are currently \u003cstrong\u003eunable to compensate our contributors\u003c/strong\u003e for their continued work on the framework and the ecosystem tools.\u003c/p\u003e\n\u003cp\u003eIf Vuetify is part of your stack, please consider sponsoring the project so we can continue delivering updates and fixes.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ca href=\"https://opencollective.com/vuetify\"\u003eSponsor via Open Collective\u003c/a\u003e\u003c/strong\u003e | \u003cstrong\u003e\u003ca href=\"https://github.com/sponsors/johnleider\"\u003eSponsor via GitHub\u003c/a\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eWhat happens when you open source project depends on unpaid labor:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ereleases appear less frequently\u003c/li\u003e\n\u003cli\u003ehard bugs get sidelined because nobody can afford the time to fix them\u003c/li\u003e\n\u003cli\u003emaintainers burn out from juggling day jobs with the framework you depend on\u003c/li\u003e\n\u003cli\u003eroadmap targets are moved\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eEvery contribution helps us keep Vuetify alive and ship exciting new features.\u003c/p\u003e\n\u003cp\u003eThank you.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch3\u003e:wrench: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etheme:\u003c/strong\u003e support transparent hex color for CSS variables (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22875\"\u003e#22875\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/a986920876beb7f0c8e90f1b44848b942fe535e4\"\u003ea986920\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22865\"\u003e#22865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVAutocomplete/VCombobox:\u003c/strong\u003e click in empty space should not close menu (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22754\"\u003e#22754\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/d8b16d4f793a813baabdceaf6171750d940bdf06\"\u003ed8b16d4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVBtnToggle:\u003c/strong\u003e restore active overlay when no color is set (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/70804c2955d1beca7af60b9c001492d432fc6c51\"\u003e70804c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22856\"\u003e#22856\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVOverlay:\u003c/strong\u003e restore focus without preventing Enter keydown (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22276\"\u003e#22276\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/f4d376ddc9542a50fb6c32c1867536e431d92927\"\u003ef4d376d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/19872\"\u003e#19872\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22387\"\u003e#22387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVOverlay:\u003c/strong\u003e pull focus to trap when it biefly escapes (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/5d52b80a0378c017a8f8215abf1eeb96fef0f470\"\u003e5d52b80\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22322\"\u003e#22322\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVSelect/VAutocomplete/VCombobox:\u003c/strong\u003e keep menu open when scrolling (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22877\"\u003e#22877\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/300af6dd811ad78ebe51821284aae5fd4f5ea66b\"\u003e300af6d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22850\"\u003e#22850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eVSwitch:\u003c/strong\u003e suppress user-agent styles to avoid click dead-zone (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/3e16cc04c01764921371e2eab41cf84e8cd7af99\"\u003e3e16cc0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:fire: Performance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eVForm:\u003c/strong\u003e avoid eager .value reads in default slot props (\u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22846\"\u003e#22846\u003c/a\u003e) (\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/43696084b969fa884a2f3b6f6f8797703293343f\"\u003e4369608\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuetifyjs/vuetify/issues/22816\"\u003e#22816\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/fe43accf33123984d7afca86369cbc2048e604da\"\u003e\u003ccode\u003efe43acc\u003c/code\u003e\u003c/a\u003e chore(release): publish v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/b16628512cf52b6bf492bd14be2e604b2dcc18e1\"\u003e\u003ccode\u003eb166285\u003c/code\u003e\u003c/a\u003e chore(VCombobox): fix flaky test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/300af6dd811ad78ebe51821284aae5fd4f5ea66b\"\u003e\u003ccode\u003e300af6d\u003c/code\u003e\u003c/a\u003e fix(VSelect/VAutocomplete/VCombobox): keep menu open when scrolling (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22877\"\u003e#22877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/d8b16d4f793a813baabdceaf6171750d940bdf06\"\u003e\u003ccode\u003ed8b16d4\u003c/code\u003e\u003c/a\u003e fix(VAutocomplete/VCombobox): click in empty space should not close menu (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22\"\u003e#22\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/f4d376ddc9542a50fb6c32c1867536e431d92927\"\u003e\u003ccode\u003ef4d376d\u003c/code\u003e\u003c/a\u003e fix(VOverlay): restore focus without preventing Enter keydown (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22276\"\u003e#22276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/a986920876beb7f0c8e90f1b44848b942fe535e4\"\u003e\u003ccode\u003ea986920\u003c/code\u003e\u003c/a\u003e fix(theme): support transparent hex color for CSS variables (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22875\"\u003e#22875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/43696084b969fa884a2f3b6f6f8797703293343f\"\u003e\u003ccode\u003e4369608\u003c/code\u003e\u003c/a\u003e perf(VForm): avoid eager .value reads in default slot props (\u003ca href=\"https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify/issues/22846\"\u003e#22846\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/3e16cc04c01764921371e2eab41cf84e8cd7af99\"\u003e\u003ccode\u003e3e16cc0\u003c/code\u003e\u003c/a\u003e fix(VSwitch): suppress user-agent styles to avoid click dead-zone\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/5d52b80a0378c017a8f8215abf1eeb96fef0f470\"\u003e\u003ccode\u003e5d52b80\u003c/code\u003e\u003c/a\u003e fix(VOverlay): pull focus to trap when it biefly escapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuetifyjs/vuetify/commit/70804c2955d1beca7af60b9c001492d432fc6c51\"\u003e\u003ccode\u003e70804c2\u003c/code\u003e\u003c/a\u003e fix(VBtnToggle): restore active overlay when no color is set\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vuetifyjs/vuetify/commits/v4.0.8/packages/vuetify\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/berntpopp/VarLens/pull/252","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/berntpopp%2FVarLens/issues/252","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/252/packages"}},{"old_version":"8.3.0","new_version":"9.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-28T22:37:47.000Z","version_change":"8.3.0 → 9.1.1","issue":{"uuid":"4544297545","node_id":"PR_kwDORu7QIs7gblj9","number":773,"state":"open","title":"chore(deps): bump @fastify/static from 8.3.0 to 9.1.1","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T22:37:47.000Z","updated_at":"2026-05-29T04:00:14.913Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"@fastify/static","old_version":"8.3.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 8.3.0 to 9.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=8.3.0\u0026new-version=9.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/josephfung/curia/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/josephfung/curia/pull/773","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/josephfung%2Fcuria/issues/773","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/773/packages"}},{"old_version":"8.3.0","new_version":"9.1.1","update_type":"major","path":"/server","pr_created_at":"2026-05-23T01:36:10.000Z","version_change":"8.3.0 → 9.1.1","issue":{"uuid":"4506421245","node_id":"PR_kwDOSlZRTs7eiQTf","number":6,"state":"closed","title":"deps(server): bump @fastify/static from 8.3.0 to 9.1.1 in /server","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T03:54:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T01:36:10.000Z","updated_at":"2026-05-23T03:54:13.000Z","time_to_close":8281,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(server)","packages":[{"name":"@fastify/static","old_version":"8.3.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"}],"path":"/server","ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 8.3.0 to 9.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=8.3.0\u0026new-version=9.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/tesseractAZ/ecoflow-panel/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/tesseractAZ/ecoflow-panel/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tesseractAZ%2Fecoflow-panel/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"8.3.0","new_version":"9.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-22T01:05:34.000Z","version_change":"8.3.0 → 9.1.1","issue":{"uuid":"4498947752","node_id":"PR_kwDONiT-TM7eKI6p","number":1,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 27 updates","user":"dependabot[bot]","labels":["dependencies","javascript","packages/backend","packages/frontend"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T01:05:34.000Z","updated_at":"2026-05-22T01:07:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":27,"packages":[{"name":"vite","old_version":"7.2.2","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"@fastify/express","old_version":"4.0.2","new_version":"4.0.5","repository_url":"https://github.com/fastify/fastify-express"},{"name":"@fastify/static","old_version":"8.3.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@nestjs/core","old_version":"11.1.9","new_version":"11.1.18","repository_url":"https://github.com/nestjs/nest"},{"name":"fastify","old_version":"5.6.2","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"file-type","old_version":"21.1.1","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"happy-dom","old_version":"20.0.10","new_version":"20.8.9","repository_url":"https://github.com/capricorn86/happy-dom"},{"name":"jsrsasign","old_version":"11.1.0","new_version":"11.1.1","repository_url":"https://github.com/kjur/jsrsasign"},{"name":"nodemailer","old_version":"7.0.10","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"rollup","old_version":"4.53.3","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"systeminformation","old_version":"5.27.11","new_version":"5.31.6","repository_url":"https://github.com/sebhildebrandt/systeminformation"},{"name":"tar","old_version":"7.5.2","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@xmldom/xmldom","old_version":"0.9.8","new_version":"0.9.10","repository_url":"https://github.com/xmldom/xmldom"},{"name":"axios","old_version":"0.24.0","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.2.5","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"immutable","old_version":"5.1.4","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"ip-address","old_version":"9.0.5","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"picomatch","old_version":"2.3.1","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"svgo","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/svg/svgo"},{"name":"undici","old_version":"5.29.0","new_version":"7.25.0","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /scripts/changelog-checker directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [rollup](https://github.com/rollup/rollup) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 26 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.2.2` | `7.3.2` |\n| [@fastify/express](https://github.com/fastify/fastify-express) | `4.0.2` | `4.0.5` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.3.0` | `9.1.1` |\n| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.1.9` | `11.1.18` |\n| [fastify](https://github.com/fastify/fastify) | `5.6.2` | `5.8.5` |\n| [file-type](https://github.com/sindresorhus/file-type) | `21.1.1` | `21.3.2` |\n| [happy-dom](https://github.com/capricorn86/happy-dom) | `20.0.10` | `20.8.9` |\n| [jsrsasign](https://github.com/kjur/jsrsasign) | `11.1.0` | `11.1.1` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.10` | `8.0.5` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.10` |\n| [rollup](https://github.com/rollup/rollup) | `4.53.3` | `4.59.0` |\n| [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `5.27.11` | `5.31.6` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.2` | `7.5.11` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.9.8` | `0.9.10` |\n| [axios](https://github.com/axios/axios) | `0.24.0` | `1.16.1` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.2.5` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.4` | `5.1.5` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `9.0.5` | `10.2.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `4.0.4` |\n| [svgo](https://github.com/svg/svgo) | `4.0.0` | `4.0.1` |\n| [undici](https://github.com/nodejs/undici) | `5.29.0` | `7.25.0` |\n\n\nUpdates `vite` from 7.2.2 to 7.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eNote: 7.2.5 failed to publish so it is skipped on npm\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.4/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.0...v7.3.1\"\u003e7.3.1\u003c/a\u003e (2026-01-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21364\"\u003e#21364\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e9d39d37\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.7...v7.3.0\"\u003e7.3.0\u003c/a\u003e (2025-12-15)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21183\"\u003e#21183\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003ecff26ec\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.6...v7.2.7\"\u003e7.2.7\u003c/a\u003e (2025-12-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplugin shortcut support (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21211\"\u003e#21211\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/721f16343d9555ae8fc71a2e5354b22e12ff0dc3\"\u003e721f163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.5...v7.2.6\"\u003e7.2.6\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.4...v7.2.5\"\u003e7.2.5\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econfig:\u003c/strong\u003e handle shebang properly (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21158\"\u003e#21158\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/df5a30d2690a2ebc4824a79becdcef30538dc602\"\u003edf5a30d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21146\"\u003e#21146\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/a3cd262f37228967e455617e982b35fccc49ffe9\"\u003ea3cd262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21175\"\u003e#21175\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/72e398a46d8d2f54fbcbeb9ff0dceab346aeb642\"\u003e72e398a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eexternal: true\u003c/code\u003e merging (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21164\"\u003e#21164\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ef557a96c4a1f2b3a3aa25c12df3ee87b4a03f5\"\u003e5ef557a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eshortcuts not rebound after server restart (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21166\"\u003e#21166\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3765f7baea36234bf3816eeed38776d27bfd3649\"\u003e3765f7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e replace debug with obug (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21137\"\u003e#21137\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/203a5512a42a1031f685993f5d9cbae5f328354f\"\u003e203a551\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclarify manifest.json \u003ccode\u003eimports\u003c/code\u003e field is JS chunks only (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21136\"\u003e#21136\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/46d3077f2b63771cc50230bc907c48f5773c00fb\"\u003e46d3077\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21174\"\u003e#21174\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/74559c947483a8ee24da052ac2d9568f7cb3546a\"\u003e74559c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.3...v7.2.4\"\u003e7.2.4\u003c/a\u003e (2025-11-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/95e8923f35d0252c9f6eb2d5e358c084542706f1\"\u003e\u003ccode\u003e95e8923\u003c/code\u003e\u003c/a\u003e release: v7.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e\u003ccode\u003e9d39d37\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/acf7e05eaeb18e98f5e19e2d3e648950726f20d1\"\u003e\u003ccode\u003eacf7e05\u003c/code\u003e\u003c/a\u003e release: v7.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003e\u003ccode\u003ecff26ec\u003c/code\u003e\u003c/a\u003e feat(deps): update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.3/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.53.3 to 4.60.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.60.4\u003c/h2\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove stability of chunk hashes (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6362\"\u003e#6362\u003c/a\u003e: fix: stabilize chunk assignment across parallel file reads (\u003ca href=\"https://github.com/sonukapoor\"\u003e\u003ccode\u003e@​sonukapoor\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/Sonu\"\u003e\u003ccode\u003e@​Sonu\u003c/code\u003e\u003c/a\u003e Kapoor, \u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6370\"\u003e#6370\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6371\"\u003e#6371\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6372\"\u003e#6372\u003c/a\u003e: chore(deps): update react monorepo to v19 (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6373\"\u003e#6373\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6375\"\u003e#6375\u003c/a\u003e: Resolve vulnerabilities (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.60.2\u003c/h2\u003e\n\u003ch2\u003e4.60.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-04-18\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve a variable rendering bug when generating different formats from the same build (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6350\"\u003e#6350\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6327\"\u003e#6327\u003c/a\u003e: docs: fix various typos in source and documentation (\u003ca href=\"https://github.com/Abhi3975\"\u003e\u003ccode\u003e@​Abhi3975\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6331\"\u003e#6331\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6332\"\u003e#6332\u003c/a\u003e: chore(deps): update codecov/codecov-action action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6333\"\u003e#6333\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v64 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6334\"\u003e#6334\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v51 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6335\"\u003e#6335\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6346\"\u003e#6346\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6347\"\u003e#6347\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6348\"\u003e#6348\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6349\"\u003e#6349\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6350\"\u003e#6350\u003c/a\u003e: fix: reset variable render names between outputs in the same generate (\u003ca href=\"https://github.com/barry3406\"\u003e\u003ccode\u003e@​barry3406\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6351\"\u003e#6351\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6352\"\u003e#6352\u003c/a\u003e: chore(deps): update cross-platform-actions/action action to v1 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6353\"\u003e#6353\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6354\"\u003e#6354\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6355\"\u003e#6355\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6356\"\u003e#6356\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6358\"\u003e#6358\u003c/a\u003e: chore: remove cross-env from devDeps (\u003ca href=\"https://github.com/K-tecchan\"\u003e\u003ccode\u003e@​K-tecchan\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.60.1\u003c/h2\u003e\n\u003ch2\u003e4.60.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove stability of chunk hashes (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6362\"\u003e#6362\u003c/a\u003e: fix: stabilize chunk assignment across parallel file reads (\u003ca href=\"https://github.com/sonukapoor\"\u003e\u003ccode\u003e@​sonukapoor\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/Sonu\"\u003e\u003ccode\u003e@​Sonu\u003c/code\u003e\u003c/a\u003e Kapoor, \u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6370\"\u003e#6370\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6371\"\u003e#6371\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6372\"\u003e#6372\u003c/a\u003e: chore(deps): update react monorepo to v19 (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6373\"\u003e#6373\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6375\"\u003e#6375\u003c/a\u003e: Resolve vulnerabilities (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-04\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure nested \u0026quot;exports\u0026quot; variables are not renamed (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6360\"\u003e#6360\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6360\"\u003e#6360\u003c/a\u003e: fix: do not rename nested \u0026quot;exports\u0026quot; bindings that do not conflict (\u003ca href=\"https://github.com/tariqrafique\"\u003e\u003ccode\u003e@​tariqrafique\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6364\"\u003e#6364\u003c/a\u003e: chore(deps): update msys2/setup-msys2 digest to e989830 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6365\"\u003e#6365\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6366\"\u003e#6366\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6367\"\u003e#6367\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6368\"\u003e#6368\u003c/a\u003e: docs: add missing backticks in \u003ccode\u003eplugin-development\u003c/code\u003e (\u003ca href=\"https://github.com/lumirlumir\"\u003e\u003ccode\u003e@​lumirlumir\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-04-18\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve a variable rendering bug when generating different formats from the same build (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6350\"\u003e#6350\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6327\"\u003e#6327\u003c/a\u003e: docs: fix various typos in source and documentation (\u003ca href=\"https://github.com/Abhi3975\"\u003e\u003ccode\u003e@​Abhi3975\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6331\"\u003e#6331\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6332\"\u003e#6332\u003c/a\u003e: chore(deps): update codecov/codecov-action action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6333\"\u003e#6333\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v64 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6334\"\u003e#6334\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v51 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6335\"\u003e#6335\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d311a84b0bb4d4a6f50d19ffd2c29cca28660c88\"\u003e\u003ccode\u003ed311a84\u003c/code\u003e\u003c/a\u003e 4.60.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/6aa324854482e273b711972955d2d1b3bb445bcc\"\u003e\u003ccode\u003e6aa3248\u003c/code\u003e\u003c/a\u003e fix: stabilize chunk assignment across parallel file reads (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/82a0fe76b1372a2cf509fc4067d69f25569b83f5\"\u003e\u003ccode\u003e82a0fe7\u003c/code\u003e\u003c/a\u003e Resolve vulnerabilities (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6375\"\u003e#6375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/71f5ebc893d7ff76b5571d63b04ea2ed4a4ddd9d\"\u003e\u003ccode\u003e71f5ebc\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6371\"\u003e#6371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/af91d778cdf564dd1ae1bfd6e92604ec031824a7\"\u003e\u003ccode\u003eaf91d77\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6373\"\u003e#6373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/65e7b94ddda9f02334fa8f12ff6bf699c1f07833\"\u003e\u003ccode\u003e65e7b94\u003c/code\u003e\u003c/a\u003e chore(deps): update react monorepo to v19 (major) (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6372\"\u003e#6372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/642587f3d9c5b4aa482a5027672f0fa8ea76da12\"\u003e\u003ccode\u003e642587f\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6370\"\u003e#6370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b47bdabeccbb7aa1b1d4117f2f4a781a9f6de297\"\u003e\u003ccode\u003eb47bdab\u003c/code\u003e\u003c/a\u003e 4.60.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/15c5f33083c8c6b1b2cbae548124fffbba2553bb\"\u003e\u003ccode\u003e15c5f33\u003c/code\u003e\u003c/a\u003e Add again some unneeded dev dependencies, to make some builds succeed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/12195dcebbd21f0f2d91e26720cd053526edbfe3\"\u003e\u003ccode\u003e12195dc\u003c/code\u003e\u003c/a\u003e fix: do not rename nested \u0026quot;exports\u0026quot; bindings that do not conflict (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6360\"\u003e#6360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.53.3...v4.60.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.2.2 to 7.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.3.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eNote: 7.2.5 failed to publish so it is skipped on npm\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.4/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev7.2.3\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.2.3/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.3/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.2...v7.3.3\"\u003e7.3.3\u003c/a\u003e (2026-05-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid destructure lowering for newer safari (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22346\"\u003e#22346\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e5ab51c0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.0...v7.3.1\"\u003e7.3.1\u003c/a\u003e (2026-01-07)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21364\"\u003e#21364\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e9d39d37\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.7...v7.3.0\"\u003e7.3.0\u003c/a\u003e (2025-12-15)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21183\"\u003e#21183\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003ecff26ec\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.6...v7.2.7\"\u003e7.2.7\u003c/a\u003e (2025-12-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplugin shortcut support (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21211\"\u003e#21211\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/721f16343d9555ae8fc71a2e5354b22e12ff0dc3\"\u003e721f163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.5...v7.2.6\"\u003e7.2.6\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.4...v7.2.5\"\u003e7.2.5\u003c/a\u003e (2025-12-01)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003econfig:\u003c/strong\u003e handle shebang properly (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21158\"\u003e#21158\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/df5a30d2690a2ebc4824a79becdcef30538dc602\"\u003edf5a30d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21146\"\u003e#21146\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/a3cd262f37228967e455617e982b35fccc49ffe9\"\u003ea3cd262\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update all non-major dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21175\"\u003e#21175\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/72e398a46d8d2f54fbcbeb9ff0dceab346aeb642\"\u003e72e398a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eexternal: true\u003c/code\u003e merging (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21164\"\u003e#21164\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5ef557a96c4a1f2b3a3aa25c12df3ee87b4a03f5\"\u003e5ef557a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eshortcuts not rebound after server restart (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21166\"\u003e#21166\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/3765f7baea36234bf3816eeed38776d27bfd3649\"\u003e3765f7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e replace debug with obug (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21137\"\u003e#21137\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/203a5512a42a1031f685993f5d9cbae5f328354f\"\u003e203a551\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclarify manifest.json \u003ccode\u003eimports\u003c/code\u003e field is JS chunks only (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21136\"\u003e#21136\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/46d3077f2b63771cc50230bc907c48f5773c00fb\"\u003e46d3077\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update rolldown-related dependencies (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21174\"\u003e#21174\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/74559c947483a8ee24da052ac2d9568f7cb3546a\"\u003e74559c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.2.3...v7.2.4\"\u003e7.2.4\u003c/a\u003e (2025-11-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca31424cccb075c88131132b929a63527d0e2b69\"\u003e\u003ccode\u003eca31424\u003c/code\u003e\u003c/a\u003e release: v7.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5ab51c0f76f0896175e02ad797c1f5fe116d02f4\"\u003e\u003ccode\u003e5ab51c0\u003c/code\u003e\u003c/a\u003e fix: avoid destructure lowering for newer safari (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22346\"\u003e#22346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/95e8923f35d0252c9f6eb2d5e358c084542706f1\"\u003e\u003ccode\u003e95e8923\u003c/code\u003e\u003c/a\u003e release: v7.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e\"\u003e\u003ccode\u003e9d39d37\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21364\"\u003e#21364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/acf7e05eaeb18e98f5e19e2d3e648950726f20d1\"\u003e\u003ccode\u003eacf7e05\u003c/code\u003e\u003c/a\u003e release: v7.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cff26ec0fc13373d7125a5eac6cb01fe63fee4b1\"\u003e\u003ccode\u003ecff26ec\u003c/code\u003e\u003c/a\u003e feat(deps): update esbuild from ^0.25.0 to ^0.27.0 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21183\"\u003e#21183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.3/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/express` from 4.0.2 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-express/releases\"\u003e@​fastify/express's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33807 \u003ca href=\"https://github.com/fastify/fastify-express/security/advisories/GHSA-hrwm-hgmj-7p9c\"\u003ehttps://github.com/fastify/fastify-express/security/advisories/GHSA-hrwm-hgmj-7p9c\u003c/a\u003e.\nThis fixes CVE CVE-2026-33808 \u003ca href=\"https://github.com/fastify/fastify-express/security/advisories/GHSA-6hw5-45gm-fj88\"\u003ehttps://github.com/fastify/fastify-express/security/advisories/GHSA-6hw5-45gm-fj88\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump express from 4.22.1 to 5.2.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/179\"\u003efastify/fastify-express#179\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/181\"\u003efastify/fastify-express#181\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump c8 from 10.1.3 to 11.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/183\"\u003efastify/fastify-express#183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/182\"\u003efastify/fastify-express#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/185\"\u003efastify/fastify-express#185\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/187\"\u003efastify/fastify-express#187\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/188\"\u003efastify/fastify-express#188\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/181\"\u003efastify/fastify-express#181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-express/compare/v4.0.4...v4.0.5\"\u003ehttps://github.com/fastify/fastify-express/compare/v4.0.4...v4.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: decode url with query params by \u003ca href=\"https://github.com/nolway\"\u003e\u003ccode\u003e@​nolway\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/178\"\u003efastify/fastify-express#178\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolway\"\u003e\u003ccode\u003e@​nolway\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/178\"\u003efastify/fastify-express#178\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-express/compare/v4.0.3...v4.0.4\"\u003ehttps://github.com/fastify/fastify-express/compare/v4.0.3...v4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(dependabot): reduce npm updates to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/157\"\u003efastify/fastify-express#157\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: rename master to main by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/158\"\u003efastify/fastify-express#158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: migrate to node test runner by \u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/159\"\u003efastify/fastify-express#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): set job permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/161\"\u003efastify/fastify-express#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): update plugin version syntax by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/162\"\u003efastify/fastify-express#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set permissions at workflow level by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/163\"\u003efastify/fastify-express#163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore job level permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/164\"\u003efastify/fastify-express#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump express from 4.21.2 to 5.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/166\"\u003efastify/fastify-express#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump serve-static from 1.16.2 to 2.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/165\"\u003efastify/fastify-express#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.31.2 to 0.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/168\"\u003efastify/fastify-express#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): update date ranges; standardise style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/169\"\u003efastify/fastify-express#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/171\"\u003efastify/fastify-express#171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/172\"\u003efastify/fastify-express#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/170\"\u003efastify/fastify-express#170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: decode paths before matching by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/174\"\u003efastify/fastify-express#174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore express4 by \u003ca href=\"https://github.com/Eomm\"\u003e\u003ccode\u003e@​Eomm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/176\"\u003efastify/fastify-express#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-express/pull/159\"\u003efastify/fastify-express#159\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/f52f4476cbd874a9526027082b9e075d3bff63ac\"\u003e\u003ccode\u003ef52f447\u003c/code\u003e\u003c/a\u003e Bumped v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/c4e49b5244fcfadb38dc08e9b1808c5d759021a2\"\u003e\u003ccode\u003ec4e49b5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/674020f27ddc1d1709e4369cb40158d4c958d42b\"\u003e\u003ccode\u003e674020f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/96eb39be998436e639401ce763941a919145b8ad\"\u003e\u003ccode\u003e96eb39b\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/188\"\u003e#188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/65ddc99fba34f9f1561435daa08dd654f126bd46\"\u003e\u003ccode\u003e65ddc99\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/187\"\u003e#187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/2746f1f040a9b57b24481d4e0dbbedbf05ca234e\"\u003e\u003ccode\u003e2746f1f\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/185\"\u003e#185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/cce14b12102da13f84cedf21cdf18b2ac75676e7\"\u003e\u003ccode\u003ecce14b1\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/182\"\u003e#182\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/70a809411d0f4d4b4a0993c45bd9881e0b427847\"\u003e\u003ccode\u003e70a8094\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump c8 from 10.1.3 to 11.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/183\"\u003e#183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/6f627c610007c0985d9af80f8dff072b9d21ee37\"\u003e\u003ccode\u003e6f627c6\u003c/code\u003e\u003c/a\u003e ci: remove stale.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/181\"\u003e#181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-express/commit/fa4a726d0be418a1ce2ee7abe88250cce8213ea4\"\u003e\u003ccode\u003efa4a726\u003c/code\u003e\u003c/a\u003e build(deps): bump express from 4.22.1 to 5.2.1 (\u003ca href=\"https://redirect.github.com/fastify/fastify-express/issues/179\"\u003e#179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-express/compare/v4.0.2...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~climba03003\"\u003eclimba03003\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fastify/express\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 8.3.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@nestjs/core` from 11.1.9 to 11.1.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nestjs/nest/releases\"\u003e@​nestjs/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.1.18 (2026-04-03)\u003c/h2\u003e\n\u003ch4\u003eBug fixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emicroservices\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16675\"\u003e#16675\u003c/a\u003e fix(microservices): preserve packet headers in nats serializer (\u003ca href=\"https://github.com/wwenrr\"\u003e\u003ccode\u003e@​wwenrr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecore\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16683\"\u003e#16683\u003c/a\u003e fix(core): prevent injector hang when design:paramtypes is missing (\u003ca href=\"https://github.com/Youmoo\"\u003e\u003ccode\u003e@​Youmoo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16637\"\u003e#16637\u003c/a\u003e fix(core): dependency injection edge case with moduleref.create (\u003ca href=\"https://github.com/JakobStaudinger\"\u003e\u003ccode\u003e@​JakobStaudinger\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16686\"\u003enestjs/nest#16686\u003c/a\u003e fix(core): sanitize sse message\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecore\u003c/code\u003e, \u003ccode\u003eplatform-express\u003c/code\u003e, \u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16679\"\u003e#16679\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.2 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16623\"\u003e#16623\u003c/a\u003e fix(deps): update dependency fastify to v5.8.4 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eplatform-ws\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16618\"\u003e#16618\u003c/a\u003e chore(deps): bump ws from 8.19.0 to 8.20.0 (\u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecommon\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16619\"\u003e#16619\u003c/a\u003e chore(deps): bump file-type from 21.3.3 to 21.3.4 (\u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAnkit San (\u003ca href=\"https://github.com/ankitbelal\"\u003e\u003ccode\u003e@​ankitbelal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eJakob Staudinger (\u003ca href=\"https://github.com/JakobStaudinger\"\u003e\u003ccode\u003e@​JakobStaudinger\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKamil Mysliwiec (\u003ca href=\"https://github.com/kamilmysliwiec\"\u003e\u003ccode\u003e@​kamilmysliwiec\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKrishna Chaitanya (\u003ca href=\"https://github.com/Krishnachaitanyakc\"\u003e\u003ccode\u003e@​Krishnachaitanyakc\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMK (\u003ca href=\"https://github.com/wwenrr\"\u003e\u003ccode\u003e@​wwenrr\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eyoumoo (\u003ca href=\"https://github.com/Youmoo\"\u003e\u003ccode\u003e@​Youmoo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev11.1.17 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003eEnhancements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003emicroservices\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16218\"\u003e#16218\u003c/a\u003e feat(microservices): add redis driver identification (\u003ca href=\"https://github.com/vchomakov\"\u003e\u003ccode\u003e@​vchomakov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eBugs\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eauto-run middleware for HEAD requests as fastify redirects them to GET handlers (effectively skipping middleware execution) \u003ca href=\"https://github.com/nestjs/nest/commit/cbdf737cd6e7cefa52d05ecea2ae4af95c464614\"\u003ehttps://github.com/nestjs/nest/commit/cbdf737cd6e7cefa52d05ecea2ae4af95c464614\u003c/a\u003e (\u003ca href=\"https://github.com/kamilmysliwiec\"\u003e\u003ccode\u003e@​kamilmysliwiec\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecommon\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16567\"\u003e#16567\u003c/a\u003e fix(deps): update dependency file-type to v21.3.2 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eplatform-fastify\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/nestjs/nest/pull/16533\"\u003e#16533\u003c/a\u003e fix(deps): update dependency fastify to v5.8.2 (\u003ca href=\"https://github.com/apps/renovate\"\u003e\u003ccode\u003e@​renovate[bot]\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRohan Santhosh Kumar (\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVasil Chomakov (\u003ca href=\"https://github.com/vchomakov\"\u003e\u003ccode\u003e@​vchomakov\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKamil Mysliwiec (\u003ca href=\"https://github.com/kamilmysliwiec\"\u003e\u003ccode\u003e@​kamilmysliwiec\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/3c1cc5f91e95fcec27c3694cd42a08a50e85cc5f\"\u003e\u003ccode\u003e3c1cc5f\u003c/code\u003e\u003c/a\u003e chore(release): publish v11.1.18 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/0f962c75a474b08fbc1bdf072b89eda14151c856\"\u003e\u003ccode\u003e0f962c7\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sse message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/94aa4242f622d6f6b071c35dbcd90e0f2f3f32de\"\u003e\u003ccode\u003e94aa424\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/nestjs/nest/tree/HEAD/packages/core/issues/16679\"\u003e#16679\u003c/a\u003e from nestjs/renovate/path-to-regexp-8.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/368691c35fa221b68baad8d4e569d9d8685c0ea1\"\u003e\u003ccode\u003e368691c\u003c/code\u003e\u003c/a\u003e fix(core): prevent injector hang when design:paramtypes is missing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/25d4fdef37ac20930cc66b1283267651631e26f8\"\u003e\u003ccode\u003e25d4fde\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/5c0b11e20c35c0a5692c16187519982091d57150\"\u003e\u003ccode\u003e5c0b11e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/f7d4460f0b34bd4a70be4552c3ca9e11eaecdb8c\"\u003e\u003ccode\u003ef7d4460\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/nestjs/nest/tree/HEAD/packages/core/issues/16637\"\u003e#16637\u003c/a\u003e from JakobStaudinger/moduleref-create-transient-sco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/d0a9dc97acba4ae7b33d9a46d8941f4ad6b3b914\"\u003e\u003ccode\u003ed0a9dc9\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency path-to-regexp to v8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/46774340b61d8e5751b13ba95a27628267266be3\"\u003e\u003ccode\u003e4677434\u003c/code\u003e\u003c/a\u003e feat(core): export \u003ccode\u003eIEntryNestModule\u003c/code\u003e type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nestjs/nest/commit/7493b94647fc51d6d774f1e20f1b2f66c692182f\"\u003e\u003ccode\u003e7493b94\u003c/code\u003e\u003c/a\u003e fix(core): dependency injection edge case with moduleref.create\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nestjs/nest/commits/v11.1.18/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.6.2 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/towan912/misskey/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/towan912%2Fmisskey/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"7.0.4","new_version":"9.1.3","update_type":"major","path":"/server","pr_created_at":"2026-05-19T05:10:45.000Z","version_change":"7.0.4 → 9.1.3","issue":{"uuid":"4474588215","node_id":"PR_kwDOSg3iM87c7O-1","number":14,"state":"closed","title":"Bump @fastify/static from 7.0.4 to 9.1.3 in /server","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-19T05:11:19.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T05:10:45.000Z","updated_at":"2026-05-19T05:11:28.000Z","time_to_close":34,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"@fastify/static","old_version":"7.0.4","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"}],"path":"/server","ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 7.0.4 to 9.1.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v7.0.4...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=7.0.4\u0026new-version=9.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/chartmann1590/family-guardian/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/chartmann1590%2Ffamily-guardian/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"9.1.1","new_version":"9.1.3","update_type":"patch","path":null,"pr_created_at":"2026-05-18T20:41:15.000Z","version_change":"9.1.1 → 9.1.3","issue":{"uuid":"4472422412","node_id":"PR_kwDOShO_U87c0UPw","number":16,"state":"closed","title":"chore(deps)(deps): Bump the fastify group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-18T20:44:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T20:41:15.000Z","updated_at":"2026-05-18T20:44:15.000Z","time_to_close":171,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): Bump","group_name":"fastify","update_count":3,"packages":[{"name":"@fastify/cookie","old_version":"10.0.1","new_version":"11.0.2","repository_url":"https://github.com/fastify/fastify-cookie"},{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"fastify-type-provider-zod","old_version":"4.0.2","new_version":"6.1.0","repository_url":"https://github.com/turkerdev/fastify-type-provider-zod"}],"path":null,"ecosystem":"npm"},"body":"Bumps the fastify group with 3 updates in the / directory: [@fastify/cookie](https://github.com/fastify/fastify-cookie), [@fastify/static](https://github.com/fastify/fastify-static) and [fastify-type-provider-zod](https://github.com/turkerdev/fastify-type-provider-zod).\n\nUpdates `@fastify/cookie` from 10.0.1 to 11.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-cookie/releases\"\u003e@​fastify/cookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): update ci badge syntax by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/309\"\u003efastify/fastify-cookie#309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): replace standard with neostandard by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/310\"\u003efastify/fastify-cookie#310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: move from tap to node:test by \u003ca href=\"https://github.com/eugleenyc\"\u003e\u003ccode\u003e@​eugleenyc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/306\"\u003efastify/fastify-cookie#306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump neostandard from 0.11.9 to 0.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/311\"\u003efastify/fastify-cookie#311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): add eslint, peer dep of neostandard by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/312\"\u003efastify/fastify-cookie#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(package): add contribs and funding by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/313\"\u003efastify/fastify-cookie#313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): add compatibility table by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/314\"\u003efastify/fastify-cookie#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: prefix unused params with underscores by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/316\"\u003efastify/fastify-cookie#316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(signer): remove unused catch binding by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/315\"\u003efastify/fastify-cookie#315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): grammar fixes by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/317\"\u003efastify/fastify-cookie#317\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: merge duplicate \u003ccode\u003eFastifyCookieOptions\u003c/code\u003e interface exports by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/318\"\u003efastify/fastify-cookie#318\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eugleenyc\"\u003e\u003ccode\u003e@​eugleenyc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/306\"\u003efastify/fastify-cookie#306\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v11.0.1...v11.0.2\"\u003ehttps://github.com/fastify/fastify-cookie/compare/v11.0.1...v11.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove redundant dependency, cookie-signature by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/305\"\u003efastify/fastify-cookie#305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v11.0.0...v11.0.1\"\u003ehttps://github.com/fastify/fastify-cookie/compare/v11.0.0...v11.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efastifyCookieClearCookie sets maxAge to zero by \u003ca href=\"https://github.com/aristofun\"\u003e\u003ccode\u003e@​aristofun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/304\"\u003efastify/fastify-cookie#304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse cookie package again by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/302\"\u003efastify/fastify-cookie#302\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aristofun\"\u003e\u003ccode\u003e@​aristofun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/304\"\u003efastify/fastify-cookie#304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/pull/302\"\u003efastify/fastify-cookie#302\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.0\"\u003ehttps://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/3ff06ef2b08487f3bdcd55218915aceaa8538250\"\u003e\u003ccode\u003e3ff06ef\u003c/code\u003e\u003c/a\u003e 11.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/24a584436a52ecaf4df129437195bfa105929304\"\u003e\u003ccode\u003e24a5844\u003c/code\u003e\u003c/a\u003e types: merge duplicate \u003ccode\u003eFastifyCookieOptions\u003c/code\u003e interface exports (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/318\"\u003e#318\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/b9fcf1350bade8c6cd5f7f4e65ba371e01ee4422\"\u003e\u003ccode\u003eb9fcf13\u003c/code\u003e\u003c/a\u003e docs(readme): grammar fixes (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/a8023cd1608977d8a6866a728920421dac51cb9a\"\u003e\u003ccode\u003ea8023cd\u003c/code\u003e\u003c/a\u003e refactor(signer): remove unused catch binding (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/315\"\u003e#315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/639f778584f4abb5157a3b515ce110e04457b4fa\"\u003e\u003ccode\u003e639f778\u003c/code\u003e\u003c/a\u003e refactor: prefix unused params with underscores (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/316\"\u003e#316\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/0f1acb119b2022d7d58b02375cc4a723c8ad3219\"\u003e\u003ccode\u003e0f1acb1\u003c/code\u003e\u003c/a\u003e docs(readme): add compatibility table (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/645e80b6f5b04c426d88c8f286db8e63d5fc87ea\"\u003e\u003ccode\u003e645e80b\u003c/code\u003e\u003c/a\u003e chore(package): add contribs and funding (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/5e4c22ee572b098c5816b8ec4acff324d988e707\"\u003e\u003ccode\u003e5e4c22e\u003c/code\u003e\u003c/a\u003e build(deps-dev): add eslint, peer dep of neostandard (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/1f2af60d253ab4493d085a142504b9e5dad59570\"\u003e\u003ccode\u003e1f2af60\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump neostandard from 0.11.9 to 0.12.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/311\"\u003e#311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-cookie/commit/38913b7ebea774a854b72d01d90d11c9864d1f02\"\u003e\u003ccode\u003e38913b7\u003c/code\u003e\u003c/a\u003e chore: move from tap to node:test (\u003ca href=\"https://redirect.github.com/fastify/fastify-cookie/issues/306\"\u003e#306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-cookie/compare/v10.0.1...v11.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~fdawgs\"\u003efdawgs\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fastify/cookie\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify-type-provider-zod` from 4.0.2 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/turkerdev/fastify-type-provider-zod/releases\"\u003efastify-type-provider-zod's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSignificantly improved compatibility with OpenAPI 3.0 for specification document population;\u003c/li\u003e\n\u003cli\u003eAutomatically switch between OpenAPI 3.0 and 3.1 modes based on the version in the \u003ccode\u003eopenapi\u003c/code\u003e field of the specification document root.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix exports\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to zod v4 API;\u003c/li\u003e\n\u003cli\u003eError response structure revised to reduce duplication\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/turkerdev/fastify-type-provider-zod/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/guiloklex-hub/mm-metricas-unifi/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/guiloklex-hub%2Fmm-metricas-unifi/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"9.0.0","new_version":"9.1.3","update_type":"minor","path":null,"pr_created_at":"2026-05-18T04:35:45.000Z","version_change":"9.0.0 → 9.1.3","issue":{"uuid":"4466292410","node_id":"PR_kwDOQ1PoDs7cgcUn","number":98,"state":"closed","title":"chore(deps): bump the npm-dependencies group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T04:28:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T04:35:45.000Z","updated_at":"2026-05-25T04:28:54.000Z","time_to_close":604387,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm-dependencies","update_count":15,"packages":[{"name":"@playwright/test","old_version":"1.58.2","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@types/pg","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@fastify/static","old_version":"9.0.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@prisma/adapter-pg","old_version":"7.5.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"@prisma/client","old_version":"7.5.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"dotenv","old_version":"17.3.1","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"fastify","old_version":"5.8.2","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"@types/node","old_version":"25.5.0","new_version":"25.8.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"prisma","old_version":"7.5.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"typescript","old_version":"5.9.3","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"react","old_version":"19.2.4","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.4","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"@vitejs/plugin-react","old_version":"6.0.1","new_version":"6.0.2","repository_url":"https://github.com/vitejs/vite-plugin-react"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-dependencies group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.58.2` | `1.60.0` |\n| [@types/pg](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/pg) | `8.18.0` | `8.20.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.0.0` | `9.1.3` |\n| [@prisma/adapter-pg](https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg) | `7.5.0` | `7.8.0` |\n| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `7.5.0` | `7.8.0` |\n| [dotenv](https://github.com/motdotla/dotenv) | `17.3.1` | `17.4.2` |\n| [fastify](https://github.com/fastify/fastify) | `5.8.2` | `5.8.5` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.0` | `25.8.0` |\n| [prisma](https://github.com/prisma/prisma/tree/HEAD/packages/cli) | `7.5.0` | `7.8.0` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.6` |\n| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.1` | `6.0.2` |\n\n\nUpdates `@playwright/test` from 1.58.2 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.58.2...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/pg` from 8.18.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/pg\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.58.2 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.58.2...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.0.0 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@prisma/adapter-pg` from 7.5.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prisma/prisma/releases\"\u003e@​prisma/adapter-pg's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.8.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.8.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003ch2\u003eORM\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a \u003ccode\u003equeryPlanCacheMaxSize\u003c/code\u003e option to the \u003ccode\u003ePrismaClient\u003c/code\u003e constructor for fine-grained control over the query plan cache. Pass \u003ccode\u003e0\u003c/code\u003e to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an equality filter panic and incorrect \u003ccode\u003e::jsonb\u003c/code\u003e cast when filtering on PostgreSQL JSON list columns. Queries using \u003ccode\u003ewhere: { jsonListField: { equals: [...] } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5804\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed case-insensitive JSON field filtering (\u003ccode\u003emode: insensitive\u003c/code\u003e), allowing \u003ccode\u003ewhere: { jsonField: { equals: \u0026quot;...\u0026quot;, mode: \u0026quot;insensitive\u0026quot; } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5806\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed incorrect parameterization of enum values that have a custom database name set via \u003ccode\u003e@map\u003c/code\u003e. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a database parameter limit check (\u003ccode\u003eP2029\u003c/code\u003e), which could incorrectly reject or miss over-limit queries. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a regression that caused missing SQL Server \u003ccode\u003eVARCHAR\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5801\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSchema Engine\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a misleading error message in \u003ccode\u003eprisma migrate diff\u003c/code\u003e that referenced the \u003ccode\u003e--shadow-database-url\u003c/code\u003e CLI flag, which was removed in Prisma 7. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29455\"\u003e#29455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eprisma migrate dev\u003c/code\u003e (and shadow database migration replay in general) failing with \u003ccode\u003eCREATE INDEX CONCURRENTLY cannot run inside a transaction block\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5799\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form \u003ccode\u003epg_catalog.nextval('sequence_name'::regclass)\u003c/code\u003e instead of the bare \u003ccode\u003enextval(...)\u003c/code\u003e. Columns backed by sequences now correctly appear as \u003ccode\u003e@default(autoincrement())\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5802\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDriver Adapters\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@​prisma/adapter-d1\u003c/code\u003e\u003c/strong\u003e: Savepoint operations (\u003ccode\u003ecreateSavepoint\u003c/code\u003e, \u003ccode\u003erollbackToSavepoint\u003c/code\u003e, \u003ccode\u003ereleaseSavepoint\u003c/code\u003e) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29499\"\u003e#29499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOpen roles at Prisma\u003c/h2\u003e\n\u003cp\u003eInterested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our \u003ca href=\"https://www.prisma.io/careers#current\"\u003eCareers page\u003c/a\u003e and find the role that's right for you.\u003c/p\u003e\n\u003ch2\u003eEnterprise support\u003c/h2\u003e\n\u003cp\u003eThousands of teams use Prisma and many of them already tap into our Enterprise \u0026amp; Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.\u003c/p\u003e\n\u003cp\u003eWith this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: \u003ca href=\"https://prisma.io/enterprise\"\u003ehttps://prisma.io/enterprise\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e7.7.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.7.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/f2ca67e71d82a57dc5324a8cb5e6ed0d903c996a\"\u003e\u003ccode\u003ef2ca67e\u003c/code\u003e\u003c/a\u003e feat: pg statement name generator (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29395\"\u003e#29395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/4131568160a0efe49285991ced9bb2fa4133f50a\"\u003e\u003ccode\u003e4131568\u003c/code\u003e\u003c/a\u003e fix: set \u003ccode\u003e@​types/pg\u003c/code\u003e to ^8.16.0 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29390\"\u003e#29390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/33667c373c0ae84ad37c7aed2497b99452da589c\"\u003e\u003ccode\u003e33667c3\u003c/code\u003e\u003c/a\u003e fix(adapter-pg): handle both quoted/unquoted column names in ColumnNotFound e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/e97b3e0401b234912490852cc10529ff1f83c44b\"\u003e\u003ccode\u003ee97b3e0\u003c/code\u003e\u003c/a\u003e feat(adapter-pg): accept connection string URL in PrismaPg constructor (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg/issues/29287\"\u003e#29287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prisma/prisma/commits/7.8.0/packages/adapter-pg\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@prisma/client` from 7.5.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prisma/prisma/releases\"\u003e@​prisma/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.8.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.8.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003ch2\u003eORM\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a \u003ccode\u003equeryPlanCacheMaxSize\u003c/code\u003e option to the \u003ccode\u003ePrismaClient\u003c/code\u003e constructor for fine-grained control over the query plan cache. Pass \u003ccode\u003e0\u003c/code\u003e to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an equality filter panic and incorrect \u003ccode\u003e::jsonb\u003c/code\u003e cast when filtering on PostgreSQL JSON list columns. Queries using \u003ccode\u003ewhere: { jsonListField: { equals: [...] } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5804\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed case-insensitive JSON field filtering (\u003ccode\u003emode: insensitive\u003c/code\u003e), allowing \u003ccode\u003ewhere: { jsonField: { equals: \u0026quot;...\u0026quot;, mode: \u0026quot;insensitive\u0026quot; } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5806\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed incorrect parameterization of enum values that have a custom database name set via \u003ccode\u003e@map\u003c/code\u003e. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a database parameter limit check (\u003ccode\u003eP2029\u003c/code\u003e), which could incorrectly reject or miss over-limit queries. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a regression that caused missing SQL Server \u003ccode\u003eVARCHAR\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5801\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSchema Engine\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a misleading error message in \u003ccode\u003eprisma migrate diff\u003c/code\u003e that referenced the \u003ccode\u003e--shadow-database-url\u003c/code\u003e CLI flag, which was removed in Prisma 7. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29455\"\u003e#29455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eprisma migrate dev\u003c/code\u003e (and shadow database migration replay in general) failing with \u003ccode\u003eCREATE INDEX CONCURRENTLY cannot run inside a transaction block\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5799\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form \u003ccode\u003epg_catalog.nextval('sequence_name'::regclass)\u003c/code\u003e instead of the bare \u003ccode\u003enextval(...)\u003c/code\u003e. Columns backed by sequences now correctly appear as \u003ccode\u003e@default(autoincrement())\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5802\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDriver Adapters\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@​prisma/adapter-d1\u003c/code\u003e\u003c/strong\u003e: Savepoint operations (\u003ccode\u003ecreateSavepoint\u003c/code\u003e, \u003ccode\u003erollbackToSavepoint\u003c/code\u003e, \u003ccode\u003ereleaseSavepoint\u003c/code\u003e) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29499\"\u003e#29499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOpen roles at Prisma\u003c/h2\u003e\n\u003cp\u003eInterested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our \u003ca href=\"https://www.prisma.io/careers#current\"\u003eCareers page\u003c/a\u003e and find the role that's right for you.\u003c/p\u003e\n\u003ch2\u003eEnterprise support\u003c/h2\u003e\n\u003cp\u003eThousands of teams use Prisma and many of them already tap into our Enterprise \u0026amp; Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.\u003c/p\u003e\n\u003cp\u003eWith this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: \u003ca href=\"https://prisma.io/enterprise\"\u003ehttps://prisma.io/enterprise\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e7.7.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.7.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/62b44ac01aafbe101dad63abaab7da9747f62839\"\u003e\u003ccode\u003e62b44ac\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-5.e96eae70cf4ade6a15d7e6064d5b0b4f7d835d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/4104864e3fdcf0805562a6e95e318c28f302fd7b\"\u003e\u003ccode\u003e4104864\u003c/code\u003e\u003c/a\u003e feat: add a query plan cache size parameter (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/723ba7b1abda24cc29f535560eaf13087bfd20bc\"\u003e\u003ccode\u003e723ba7b\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-4.8c287008617e9b12f313df99e2c821ae61ea9a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/cadbafe60594b909edbe3aebee7e6af1c1bb6c11\"\u003e\u003ccode\u003ecadbafe\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-2.3187e3937290320ba3c7dbd5aa94af67942b44...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/f7055337b1d1689af8a0680cc38248cb9af7bee2\"\u003e\u003ccode\u003ef705533\u003c/code\u003e\u003c/a\u003e chore(deps): update engines to 7.8.0-1.7b80cc56c645c6e03c7541474e6a7c8d91b70d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/fbab4e8ec0359540d8e1bd8b8780ed48ee58cf54\"\u003e\u003ccode\u003efbab4e8\u003c/code\u003e\u003c/a\u003e Fix 29271 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29303\"\u003e#29303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/6a3c3ccf9cc2db7f27bbbf6df9f050fc112dc66e\"\u003e\u003ccode\u003e6a3c3cc\u003c/code\u003e\u003c/a\u003e chore: extract parameterization to client-engine-runtime (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/5b420f897bf7f98b1b826f55ebae334114d70eb7\"\u003e\u003ccode\u003e5b420f8\u003c/code\u003e\u003c/a\u003e fix(client): prevent caching of createMany queries to avoid cache bloat and p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/30f0af635578207b29d8409d7d0cbcdcea264a07\"\u003e\u003ccode\u003e30f0af6\u003c/code\u003e\u003c/a\u003e feat: dmmf streaming with an E2E test (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29377\"\u003e#29377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/14c3c2eb02173048d5ac3a908598a8d7f2244598\"\u003e\u003ccode\u003e14c3c2e\u003c/code\u003e\u003c/a\u003e fix: pin E2E typescript to prevent 6 upgrade (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/client/issues/29383\"\u003e#29383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/prisma/prisma/commits/7.8.0/packages/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dotenv` from 17.3.1 to 17.4.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md\"\u003edotenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.4.1...v17.4.2\"\u003e17.4.2\u003c/a\u003e (2026-04-12)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved skill files - tightened up details (\u003ca href=\"https://redirect.github.com/motdotla/dotenv/pull/1009\"\u003e#1009\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.4.0...v17.4.1\"\u003e17.4.1\u003c/a\u003e (2026-04-05)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange text \u003ccode\u003einjecting\u003c/code\u003e to \u003ccode\u003einjected\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/motdotla/dotenv/pull/1005\"\u003e#1005\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.0\"\u003e17.4.0\u003c/a\u003e (2026-04-01)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eskills/\u003c/code\u003e folder with focused agent skills: \u003ccode\u003eskills/dotenv/SKILL.md\u003c/code\u003e (core usage) and \u003ccode\u003eskills/dotenvx/SKILL.md\u003c/code\u003e (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (\u003ccode\u003enpx skills add motdotla/dotenv\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTighten up logs: \u003ccode\u003e◇ injecting env (14) from .env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/motdotla/dotenv/pull/1003\"\u003e#1003\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/f116f70310abab44fbfddbaeb833698b5bf84a9b\"\u003e\u003ccode\u003ef116f70\u003c/code\u003e\u003c/a\u003e 17.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/3a8161274fdd745239b86e604f4a7e972a1d3902\"\u003e\u003ccode\u003e3a81612\u003c/code\u003e\u003c/a\u003e fix visual order of faq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/13f55a89e136b2024e68d277b836dd5260fc16cf\"\u003e\u003ccode\u003e13f55a8\u003c/code\u003e\u003c/a\u003e Merge branch 'skill'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/4bbbf73f0906bd69975c48bf310a84b686e5b1b4\"\u003e\u003ccode\u003e4bbbf73\u003c/code\u003e\u003c/a\u003e reorganize faq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/c3da64bb2ba1d0e02f8b9b2b7ccb7e6f7a51d56c\"\u003e\u003ccode\u003ec3da64b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/motdotla/dotenv/issues/1009\"\u003e#1009\u003c/a\u003e from motdotla/skill\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/6f743b173fbd6c26f7eab7040d251f9a6c8b977d\"\u003e\u003ccode\u003e6f743b1\u003c/code\u003e\u003c/a\u003e update source\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/fc2c6247e858a32d4024cb06a5b0c79aa35851f5\"\u003e\u003ccode\u003efc2c624\u003c/code\u003e\u003c/a\u003e update skill\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/972315ba74bb2bbba4483d112e853fd26006ef8a\"\u003e\u003ccode\u003e972315b\u003c/code\u003e\u003c/a\u003e Tighten up skill\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/2795fce3d1ed07b4c570f1e06ab1c0d533c86997\"\u003e\u003ccode\u003e2795fce\u003c/code\u003e\u003c/a\u003e reorganize faq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motdotla/dotenv/commit/d5495d4ae8e4e41ef9a682c9e00c81552794274e\"\u003e\u003ccode\u003ed5495d4\u003c/code\u003e\u003c/a\u003e adjust skill\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.8.2 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.2...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.5.0 to 25.8.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prisma` from 7.5.0 to 7.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prisma/prisma/releases\"\u003eprisma's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.8.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.8.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003ch2\u003eORM\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a \u003ccode\u003equeryPlanCacheMaxSize\u003c/code\u003e option to the \u003ccode\u003ePrismaClient\u003c/code\u003e constructor for fine-grained control over the query plan cache. Pass \u003ccode\u003e0\u003c/code\u003e to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29503\"\u003e#29503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003ePrisma Client\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an equality filter panic and incorrect \u003ccode\u003e::jsonb\u003c/code\u003e cast when filtering on PostgreSQL JSON list columns. Queries using \u003ccode\u003ewhere: { jsonListField: { equals: [...] } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5804\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed case-insensitive JSON field filtering (\u003ccode\u003emode: insensitive\u003c/code\u003e), allowing \u003ccode\u003ewhere: { jsonField: { equals: \u0026quot;...\u0026quot;, mode: \u0026quot;insensitive\u0026quot; } }\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5806\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed incorrect parameterization of enum values that have a custom database name set via \u003ccode\u003e@map\u003c/code\u003e. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a database parameter limit check (\u003ccode\u003eP2029\u003c/code\u003e), which could incorrectly reject or miss over-limit queries. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29422\"\u003e#29422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a regression that caused missing SQL Server \u003ccode\u003eVARCHAR\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5801\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSchema Engine\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a misleading error message in \u003ccode\u003eprisma migrate diff\u003c/code\u003e that referenced the \u003ccode\u003e--shadow-database-url\u003c/code\u003e CLI flag, which was removed in Prisma 7. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29455\"\u003e#29455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eprisma migrate dev\u003c/code\u003e (and shadow database migration replay in general) failing with \u003ccode\u003eCREATE INDEX CONCURRENTLY cannot run inside a transaction block\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5799\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form \u003ccode\u003epg_catalog.nextval('sequence_name'::regclass)\u003c/code\u003e instead of the bare \u003ccode\u003enextval(...)\u003c/code\u003e. Columns backed by sequences now correctly appear as \u003ccode\u003e@default(autoincrement())\u003c/code\u003e\u003ccode\u003eprisma/prisma-engines#5802\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDriver Adapters\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003e@​prisma/adapter-d1\u003c/code\u003e\u003c/strong\u003e: Savepoint operations (\u003ccode\u003ecreateSavepoint\u003c/code\u003e, \u003ccode\u003erollbackToSavepoint\u003c/code\u003e, \u003ccode\u003ereleaseSavepoint\u003c/code\u003e) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29499\"\u003e#29499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOpen roles at Prisma\u003c/h2\u003e\n\u003cp\u003eInterested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our \u003ca href=\"https://www.prisma.io/careers#current\"\u003eCareers page\u003c/a\u003e and find the role that's right for you.\u003c/p\u003e\n\u003ch2\u003eEnterprise support\u003c/h2\u003e\n\u003cp\u003eThousands of teams use Prisma and many of them already tap into our Enterprise \u0026amp; Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.\u003c/p\u003e\n\u003cp\u003eWith this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: \u003ca href=\"https://prisma.io/enterprise\"\u003ehttps://prisma.io/enterprise\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e7.7.0\u003c/h2\u003e\n\u003cp\u003eToday, we are excited to share the \u003ccode\u003e7.7.0\u003c/code\u003e stable release 🎉\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e🌟 Star this repo for notifications about new releases, bug fixes \u0026amp; features — or \u003ca href=\"https://pris.ly/x\"\u003efollow us on X\u003c/a\u003e!\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/572340698b1b81bbe22ef9793e72d13113c11d4c\"\u003e\u003ccode\u003e5723406\u003c/code\u003e\u003c/a\u003e fix(cli): route bootstrap telemetry to Prisma Web Properties project (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29473\"\u003e#29473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/8e71aa7b8de5d897ff4e8dbc92fa85a5ee91469f\"\u003e\u003ccode\u003e8e71aa7\u003c/code\u003e\u003c/a\u003e fix(cli): install missing \u003ccode\u003e@prisma/client\u003c/code\u003e in \u003ccode\u003eprisma bootstrap\u003c/code\u003e (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29444\"\u003e#29444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/ada077ba32b5801d00d32f1434a45aaae7bc09a9\"\u003e\u003ccode\u003eada077b\u003c/code\u003e\u003c/a\u003e fix(cli): bootstrap UX — auto-install deps, resumable flow, timeout handling ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/9b0b7f5d59f4f9d0dca4d558f4e537e83da18203\"\u003e\u003ccode\u003e9b0b7f5\u003c/code\u003e\u003c/a\u003e feat(cli): add prisma bootstrap command (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29374\"\u003e#29374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/5fece0a97ca3f7a05a7ae6691d49728d19b795a4\"\u003e\u003ccode\u003e5fece0a\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​prisma/dev\u003c/code\u003e to 0.24.3 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29396\"\u003e#29396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/45d7e0f0d595df3ee4ca1e469e3d7381b5247ccf\"\u003e\u003ccode\u003e45d7e0f\u003c/code\u003e\u003c/a\u003e feat(cli): add \u003ccode\u003eprisma postgres link\u003c/code\u003e command (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29352\"\u003e#29352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/adbdf15a2418358c93cca2615bf7eafeff5b5391\"\u003e\u003ccode\u003eadbdf15\u003c/code\u003e\u003c/a\u003e Pre-bundle Studio frontend assets and replace Hono (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29389\"\u003e#29389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/f8258ad65bf4fcd2599ffc8da18ee88e800bd2c5\"\u003e\u003ccode\u003ef8258ad\u003c/code\u003e\u003c/a\u003e chore: bump effect to fix vulnerability (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29384\"\u003e#29384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/74839a9078e233c8bf8f7fe7416832d3bd6e4175\"\u003e\u003ccode\u003e74839a9\u003c/code\u003e\u003c/a\u003e feat(cli): update bundled \u003ccode\u003e@​prisma/studio-core\u003c/code\u003e to 0.27.3 (\u003ca href=\"https://github.com/prisma/prisma/tree/HEAD/packages/cli/issues/29376\"\u003e#29376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prisma/prisma/commit/309b4bccd632d8b40246eab131f3ada578fb4c23\"\u003e\u003ccode\u003e309b4bc\u003c/code\u003e\u003c/a\u003e refactor: extract 'prisma-client-js' into PRISMA_CLIENT_JS_PROVIDER constant ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prisma/prisma/commits/7.8.0/packages/cli\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript` from 5.9.3 to 6.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/TypeScript/releases\"\u003etypescript's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTypeScript 6.0.3\u003c/h2\u003e\n\u003cp\u003eFor release notes, check out the \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/\"\u003erelease announcement blog post\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.0%22\"\u003efixed issues query for TypeScript 6.0.0 (Beta)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.1%22\"\u003efixed issues query for TypeScript 6.0.1 (RC)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.2%22\"\u003efixed issues query for TypeScript 6.0.2 (Stable)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.3%22\"\u003efixed issues query for TypeScript 6.0.3 (Stable)\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDownloads are available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/typescript\"\u003enpm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTypeScript 6.0\u003c/h2\u003e\n\u003cp\u003eFor release notes, check out the \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/\"\u003erelease announcement blog post\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.0%22\"\u003efixed issues query for TypeScript 6.0.0 (Beta)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.1%22\"\u003efixed issues query for TypeScript 6.0.1 (RC)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.2%22\"\u003efixed issues query for TypeScript 6.0.2 (Stable)\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDownloads are available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/typescript\"\u003enpm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTypeScript 6.0 Beta\u003c/h2\u003e\n\u003cp\u003eFor release notes, check out the \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-6-0-beta/\"\u003erelease announcement\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93\u0026amp;q=milestone%3A%22TypeScript+6.0.0%22+is%3Aclosed+\"\u003efixed issues query for Typescript 6.0.0 (Beta)\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDownloads are available on:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/typescript\"\u003enpm\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/050880ce59e30b356b686bd3144efe24f875ebc8\"\u003e\u003ccode\u003e050880c\u003c/code\u003e\u003c/a\u003e Bump version to 6.0.3 and LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/eeae9dd0f17aa494658e4ec079dc002e02dd625e\"\u003e\u003ccode\u003eeeae9dd\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63401\"\u003e#63401\u003c/a\u003e (Also check package name validity in...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/ad1c695fada682764bb510dd680e8f175ae54094\"\u003e\u003ccode\u003ead1c695\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63368\"\u003e#63368\u003c/a\u003e (Harden ATA package name filtering) into release-6.0 (\u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63372\"\u003e#63372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/0725fb4664a1d5ec94040b6d94db77dc1cc354e4\"\u003e\u003ccode\u003e0725fb4\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63310\"\u003e#63310\u003c/a\u003e (Mark class property initializers as...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/607a22a90d1a5a1b507ce01bb8cd7ec020f954e7\"\u003e\u003ccode\u003e607a22a\u003c/code\u003e\u003c/a\u003e Bump version to 6.0.2 and LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/9e72ab71b575e26795d0d9eac3d2d9957beed17c\"\u003e\u003ccode\u003e9e72ab7\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63239\"\u003e#63239\u003c/a\u003e (Fix missing lib files in reused pro...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/35ff23d4b0cc715691323ebe54f523c16fe6e3a5\"\u003e\u003ccode\u003e35ff23d\u003c/code\u003e\u003c/a\u003e 🤖 Pick PR \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/issues/63163\"\u003e#63163\u003c/a\u003e (Port anyFunctionType subtype fix an...) into release-6.0 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/e175b69138038953d4e85bf6529afe88d56d8fbe\"\u003e\u003ccode\u003ee175b69\u003c/code\u003e\u003c/a\u003e Bump version to 6.0.1-rc and LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/af4caac0e91e838c46b3fdc1c9afacad68800f89\"\u003e\u003ccode\u003eaf4caac\u003c/code\u003e\u003c/a\u003e Update LKG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/TypeScript/commit/8efd7e8544d8b35c9b33bca44a3124aa2613bf09\"\u003e\u003ccode\u003e8efd7e8\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into release-6.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/TypeScript/compare/v5.9.3...v6.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.4 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.4 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.5 (April 8th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd more cycle protections (\u003ca href=\"https://redirect.github.com/facebook/react/pull/36236\"\u003e#36236\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea\"\u003e\u003ccode\u003e23f4f9f\u003c/code\u003e\u003c/a\u003e 19.2.5\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitejs/plugin-react` from 6.0.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/releases\"\u003e@​vitejs/plugin-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eplugin-react@6.0.2\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md\"\u003e@​vitejs/plugin-react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2 (2026-05-14)\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/6535b55e956b425e6650ffc2cc98fd23cca1d231\"\u003e\u003ccode\u003e6535b55\u003c/code\u003e\u003c/a\u003e release: plugin-react@6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/bf0e43b756e3be81f8572d59727c218311f431ef\"\u003e\u003ccode\u003ebf0e43b\u003c/code\u003e\u003c/a\u003e feat(react): whitelist debugging-options (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1189\"\u003e#1189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/3bd1f08ae0b82ee0e96feb2ff265e61c6fe74b54\"\u003e\u003ccode\u003e3bd1f08\u003c/code\u003e\u003c/a\u003e feat: use carets for rolldown versions (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1216\"\u003e#1216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/2b8df67323265d1ff5ddf47b2db9ab0b9de5c688\"\u003e\u003ccode\u003e2b8df67\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/8fa9619e1b1f51b079f4c1df6b...\n\n_Description has been truncated_","html_url":"https://github.com/macel94/ip-geo-analytics/pull/98","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/macel94%2Fip-geo-analytics/issues/98","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/98/packages"}},{"old_version":"8.2.0","new_version":"9.1.3","update_type":"major","path":null,"pr_created_at":"2026-05-11T10:47:07.000Z","version_change":"8.2.0 → 9.1.3","issue":{"uuid":"4420153633","node_id":"PR_kwDOSZ_ZV87aNomo","number":15,"state":"open","title":"chore: bump @fastify/static from 8.2.0 to 9.1.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T10:47:07.000Z","updated_at":"2026-05-11T10:47:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore","packages":[{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"}],"path":null,"ecosystem":"npm"},"body":"Bumps [@fastify/static](https://github.com/fastify/fastify-static) from 8.2.0 to 9.1.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.2.0...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@fastify/static\u0026package-manager=npm_and_yarn\u0026previous-version=8.2.0\u0026new-version=9.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/can4hou6joeng4/mall-saas/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/can4hou6joeng4%2Fmall-saas/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"9.0.0","new_version":"9.1.1","update_type":"minor","path":null,"pr_created_at":"2026-05-08T21:09:45.000Z","version_change":"9.0.0 → 9.1.1","issue":{"uuid":"4409416824","node_id":"PR_kwDOQPGo0c7ZsC7w","number":2,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T03:36:40.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T21:09:45.000Z","updated_at":"2026-05-09T03:36:42.000Z","time_to_close":23215,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"vite","old_version":"7.3.1","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"5.5.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"drizzle-orm","old_version":"0.42.0","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"postcss","old_version":"8.5.8","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@fastify/middie","old_version":"9.1.0","new_version":"9.3.2","repository_url":"https://github.com/fastify/middie"},{"name":"@fastify/static","old_version":"9.0.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"fastify","old_version":"5.8.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.5.7` | `5.7.0` |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.42.0` | `0.45.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.8` | `8.5.10` |\n| [@fastify/middie](https://github.com/fastify/middie) | `9.1.0` | `9.3.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.0.0` | `9.1.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.8.3` | `5.8.5` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/db directory: [drizzle-orm](https://github.com/drizzle-team/drizzle-orm).\n\nUpdates `vite` from 7.3.1 to 7.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.5.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `drizzle-orm` from 0.42.0 to 0.45.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/releases\"\u003edrizzle-orm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.45.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003esql.identifier()\u003c/code\u003e, \u003ccode\u003esql.as()\u003c/code\u003e escaping issues. Previously all the values passed to this functions were not properly escaped\ncausing a possible SQL Injection (CWE-89) vulnerability\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/EthanKim88\"\u003e\u003ccode\u003e@​EthanKim88\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/0x90sh\"\u003e\u003ccode\u003e@​0x90sh\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/wgoodall01\"\u003e\u003ccode\u003e@​wgoodall01\u003c/code\u003e\u003c/a\u003e for reaching out to us with a reproduction and suggested fix\u003c/p\u003e\n\u003ch2\u003e0.45.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden \u003ccode\u003erequire()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5107\"\u003e#5107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.45.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions\u003c/li\u003e\n\u003cli\u003eAllowed subqueries in select fields\u003c/li\u003e\n\u003cli\u003eUpdated typo algorythm =\u0026gt; algorithm\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003e$onUpdate\u003c/code\u003e not handling \u003ccode\u003eSQL\u003c/code\u003e values (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/2388\"\u003e#2388\u003c/a\u003e, tests implemented by \u003ca href=\"https://github.com/L-Mario564\"\u003eL-Mario564\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/pull/2911\"\u003e#2911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003epg\u003c/code\u003e mappers not handling \u003ccode\u003eDate\u003c/code\u003e instances in \u003ccode\u003ebun-sql:postgresql\u003c/code\u003e driver responses for \u003ccode\u003edate\u003c/code\u003e, \u003ccode\u003etimestamp\u003c/code\u003e types (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4493\"\u003e#4493\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix durable sqlite transaction return value \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/3746\"\u003e#3746\u003c/a\u003e - thanks \u003ca href=\"https://github.com/joaocstro\"\u003e\u003ccode\u003e@​joaocstro\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add $replicas reference \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4874\"\u003e#4874\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed invalid usage of \u003ccode\u003e.one()\u003c/code\u003e in \u003ccode\u003edurable-sqlite\u003c/code\u003e session\u003c/li\u003e\n\u003cli\u003eFixed spread operator related crash in sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eBetter browser support for sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eImproved sqlite \u003ccode\u003eblob\u003c/code\u003e mapping\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix wrong DrizzleQueryError export. thanks \u003ca href=\"https://github.com/nathankleyn\"\u003e\u003ccode\u003e@​nathankleyn\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed types of \u003ccode\u003e$client\u003c/code\u003e for clients created by drizzle function\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eawait db.$client.[...]\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eupdated_at\u003c/code\u003e column to the \u003ccode\u003eneon_auth.users_sync\u003c/code\u003e table definition.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[BUG]: Fixed type issues with joins with certain variations of \u003ccode\u003etsconfig\u003c/code\u003e: \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4535\"\u003e#4535\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4457\"\u003e#4457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4586\"\u003e[BUG]: Drizzle can no longer run on Durable Objects\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.0\u003c/h2\u003e\n\u003ch2\u003eError handling\u003c/h2\u003e\n\u003cp\u003eStarting from this version, we’ve introduced a new \u003ccode\u003eDrizzleQueryError\u003c/code\u003e that wraps all errors from database drivers and provides a set of useful information:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/273c78071d4841b497f5144734b38294df7ec64b\"\u003e\u003ccode\u003e273c780\u003c/code\u003e\u003c/a\u003e + 0.45.2 (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5534\"\u003e#5534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/4aa6ecfee4b4728dadf6f77f071a149878a3c6c0\"\u003e\u003ccode\u003e4aa6ecf\u003c/code\u003e\u003c/a\u003e Kit updates (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5490\"\u003e#5490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e8e6edfef5ca69c6188d320388ad440265911057\"\u003e\u003ccode\u003ee8e6edf\u003c/code\u003e\u003c/a\u003e feat(drizzle-kit): support d1 via binding (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5302\"\u003e#5302\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/a086f59fba7f46f3a077893ba912c99e91eaa760\"\u003e\u003ccode\u003ea086f59\u003c/code\u003e\u003c/a\u003e Fixed pg-native Pool detection in node-postgres transactions breaking in envi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/c445637df39366bcf47b12601896ce851771c1c2\"\u003e\u003ccode\u003ec445637\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5095\"\u003e#5095\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e7b3aaa26456b88cd23a7843ebc95b3bddde1ba4\"\u003e\u003ccode\u003ee7b3aaa\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/0d885a54ddafd8717f8610cf3d2899f3eef61e65\"\u003e\u003ccode\u003e0d885a5\u003c/code\u003e\u003c/a\u003e refactor: Update condition for run-feature job to improve clarity and functio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/45a1ffbcbfdd96772d0aba7d9e43744db2dce471\"\u003e\u003ccode\u003e45a1ffb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5087\"\u003e#5087\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/6357645bd33b1f444e1d081769dd4b71c3de31f8\"\u003e\u003ccode\u003e6357645\u003c/code\u003e\u003c/a\u003e chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/53dec98a936f549d0cc2e668f19db3a2df842f51\"\u003e\u003ccode\u003e53dec98\u003c/code\u003e\u003c/a\u003e refactor: Simplify release router workflow by removing unnecessary switch job...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/compare/0.42.0...0.45.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for drizzle-orm since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.8 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.8...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/middie` from 9.1.0 to 9.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/middie/releases\"\u003e@​fastify/middie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.3.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6270 \u003ca href=\"https://github.com/fastify/middie/security/advisories/GHSA-72c6-fx6q-fr5w\"\u003ehttps://github.com/fastify/middie/security/advisories/GHSA-72c6-fx6q-fr5w\u003c/a\u003e.\nThis fixes CVE CVE-2026-33804 \u003ca href=\"https://github.com/fastify/middie/security/advisories/GHSA-v9ww-2j6r-98q6\"\u003ehttps://github.com/fastify/middie/security/advisories/GHSA-v9ww-2j6r-98q6\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/256\"\u003efastify/middie#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/258\"\u003efastify/middie#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/259\"\u003efastify/middie#259\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.3.1...v9.3.2\"\u003ehttps://github.com/fastify/middie/compare/v9.3.1...v9.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve percent-encoding in prefix stripping by \u003ca href=\"https://github.com/panva\"\u003e\u003ccode\u003e@​panva\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/255\"\u003efastify/middie#255\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.3.0...v9.3.1\"\u003ehttps://github.com/fastify/middie/compare/v9.3.0...v9.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/250\"\u003efastify/middie#250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: preserve query string when stripping path prefix by \u003ca href=\"https://github.com/panva\"\u003e\u003ccode\u003e@​panva\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/249\"\u003efastify/middie#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump c8 from 10.1.3 to 11.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/253\"\u003efastify/middie#253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/panva\"\u003e\u003ccode\u003e@​panva\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/249\"\u003efastify/middie#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.2.0...v9.3.0\"\u003ehttps://github.com/fastify/middie/compare/v9.2.0...v9.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eFixes \u003ca href=\"https://github.com/fastify/middie/security/advisories/GHSA-8p85-9qpw-fwgw\"\u003ehttps://github.com/fastify/middie/security/advisories/GHSA-8p85-9qpw-fwgw\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: remove stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/247\"\u003efastify/middie#247\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/middie/pull/247\"\u003efastify/middie#247\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/middie/compare/v9.1.0...v9.2.0\"\u003ehttps://github.com/fastify/middie/compare/v9.1.0...v9.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/792d2f46ae68516d3122c9a4468a5748a34efb47\"\u003e\u003ccode\u003e792d2f4\u003c/code\u003e\u003c/a\u003e Bumped v9.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/ca42dd768f64d4fd7cc827a4c415fec546a2c8bb\"\u003e\u003ccode\u003eca42dd7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/29162c8e3074baaebdf40ca43b4c91c384713eb4\"\u003e\u003ccode\u003e29162c8\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/33c75539a4626e3943c1c86fe378d7c8c4a39790\"\u003e\u003ccode\u003e33c7553\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/caf538bb68daa236c34d4709db6ee0dc99943c45\"\u003e\u003ccode\u003ecaf538b\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/57dd100de57aacea3264f7271ce917f4ad69460a\"\u003e\u003ccode\u003e57dd100\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/fb129379ce05dc0f5400f43c22f178a8b9b09214\"\u003e\u003ccode\u003efb12937\u003c/code\u003e\u003c/a\u003e Bumped v9.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/24aa8d3009e5dd9bdf252e90f23ff89c48748fef\"\u003e\u003ccode\u003e24aa8d3\u003c/code\u003e\u003c/a\u003e fix: preserve percent-encoding in prefix stripping (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/255\"\u003e#255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/f57b37f05b193e504574449a74335aef8f319237\"\u003e\u003ccode\u003ef57b37f\u003c/code\u003e\u003c/a\u003e Bumped v9.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/middie/commit/5b47608efabacfc7e74ac4ec9f0f0f8e1b897ba1\"\u003e\u003ccode\u003e5b47608\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump c8 from 10.1.3 to 11.0.0 (\u003ca href=\"https://redirect.github.com/fastify/middie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/middie/compare/v9.1.0...v9.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 9.0.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.8.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-builder` from 1.1.4 to 1.1.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md\"\u003efast-xml-builder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003e1.2.0\u003c/strong\u003e (2026-05-08)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003esanitizeName\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eSupport xml-naming for validating and sanitizing tag and attribute names\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.9\u003c/strong\u003e (2026-05-06)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: format output for preserve order when indent by is set to empty string\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.8\u003c/strong\u003e (2026-05-05)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003eimprove typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.7\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues when attribute value contains quotes\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.6\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment\u003c/li\u003e\n\u003cli\u003eskip comment with null value\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.5\u003c/strong\u003e (2026-04-17)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment and cdata\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.4\u003c/strong\u003e (2026-03-16)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.3\u003c/strong\u003e (2026-03-13)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.2\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.1\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade path-expression-matcher to 1.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.0\u003c/strong\u003e (2026-03-10)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntegrate \u003ca href=\"https://github.com/NaturalIntelligence/path-expression-matcher\"\u003epath-expression-matcher\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/15d5668b53777400c8d80b6e21029c1a70888c78\"\u003e\u003ccode\u003e15d5668\u003c/code\u003e\u003c/a\u003e update for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/98774853a696a1aee4dca830dd3eee2759676bd2\"\u003e\u003ccode\u003e9877485\u003c/code\u003e\u003c/a\u003e fix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/311a2213a817cf31558bea7c0e0807b0d4441814\"\u003e\u003ccode\u003e311a221\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-builder/issues/5\"\u003e#5\u003c/a\u003e typing import issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/e8fc5b15d9d54b559781961f066de82a55aabcdd\"\u003e\u003ccode\u003ee8fc5b1\u003c/code\u003e\u003c/a\u003e update for releast\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/fddfaf31a1cb25958ca2f573057fb14c9451fad7\"\u003e\u003ccode\u003efddfaf3\u003c/code\u003e\u003c/a\u003e escape quotes in attribute value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/b74fb4c4037345262fddb44bf28c88395d08ff84\"\u003e\u003ccode\u003eb74fb4c\u003c/code\u003e\u003c/a\u003e update for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/e1ea778d89dada90fe322d4d1c24a3915bf91014\"\u003e\u003ccode\u003ee1ea778\u003c/code\u003e\u003c/a\u003e fix security issue when comment val can have 3 consecutive dashes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/5342696bfc93f93eb4df813fe3787edd86db96e1\"\u003e\u003ccode\u003e5342696\u003c/code\u003e\u003c/a\u003e update version to release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/2dda5746d07068a05228c4c165676e6852167a7c\"\u003e\u003ccode\u003e2dda574\u003c/code\u003e\u003c/a\u003e safely handle cdata and comment content\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/compare/v1.1.4...v1.1.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `drizzle-orm` from 0.42.0 to 0.45.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/releases\"\u003edrizzle-orm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.45.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003esql.identifier()\u003c/code\u003e, \u003ccode\u003esql.as()\u003c/code\u003e escaping issues. Previously all the values passed to this functions were not properly escaped\ncausing a possible SQL Injection (CWE-89) vulnerability\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/EthanKim88\"\u003e\u003ccode\u003e@​EthanKim88\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/0x90sh\"\u003e\u003ccode\u003e@​0x90sh\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/wgoodall01\"\u003e\u003ccode\u003e@​wgoodall01\u003c/code\u003e\u003c/a\u003e for reaching out to us with a reproduction and suggested fix\u003c/p\u003e\n\u003ch2\u003e0.45.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions breaking in environments with forbidden \u003ccode\u003erequire()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5107\"\u003e#5107\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.45.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed pg-native Pool detection in node-postgres transactions\u003c/li\u003e\n\u003cli\u003eAllowed subqueries in select fields\u003c/li\u003e\n\u003cli\u003eUpdated typo algorythm =\u0026gt; algorithm\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003e$onUpdate\u003c/code\u003e not handling \u003ccode\u003eSQL\u003c/code\u003e values (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/2388\"\u003e#2388\u003c/a\u003e, tests implemented by \u003ca href=\"https://github.com/L-Mario564\"\u003eL-Mario564\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/pull/2911\"\u003e#2911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003epg\u003c/code\u003e mappers not handling \u003ccode\u003eDate\u003c/code\u003e instances in \u003ccode\u003ebun-sql:postgresql\u003c/code\u003e driver responses for \u003ccode\u003edate\u003c/code\u003e, \u003ccode\u003etimestamp\u003c/code\u003e types (fixes \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4493\"\u003e#4493\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix durable sqlite transaction return value \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/3746\"\u003e#3746\u003c/a\u003e - thanks \u003ca href=\"https://github.com/joaocstro\"\u003e\u003ccode\u003e@​joaocstro\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add $replicas reference \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4874\"\u003e#4874\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed invalid usage of \u003ccode\u003e.one()\u003c/code\u003e in \u003ccode\u003edurable-sqlite\u003c/code\u003e session\u003c/li\u003e\n\u003cli\u003eFixed spread operator related crash in sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eBetter browser support for sqlite \u003ccode\u003eblob\u003c/code\u003e columns\u003c/li\u003e\n\u003cli\u003eImproved sqlite \u003ccode\u003eblob\u003c/code\u003e mapping\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix wrong DrizzleQueryError export. thanks \u003ca href=\"https://github.com/nathankleyn\"\u003e\u003ccode\u003e@​nathankleyn\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed types of \u003ccode\u003e$client\u003c/code\u003e for clients created by drizzle function\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eawait db.$client.[...]\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eupdated_at\u003c/code\u003e column to the \u003ccode\u003eneon_auth.users_sync\u003c/code\u003e table definition.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[BUG]: Fixed type issues with joins with certain variations of \u003ccode\u003etsconfig\u003c/code\u003e: \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4535\"\u003e#4535\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4457\"\u003e#4457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/4586\"\u003e[BUG]: Drizzle can no longer run on Durable Objects\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.44.0\u003c/h2\u003e\n\u003ch2\u003eError handling\u003c/h2\u003e\n\u003cp\u003eStarting from this version, we’ve introduced a new \u003ccode\u003eDrizzleQueryError\u003c/code\u003e that wraps all errors from database drivers and provides a set of useful information:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/273c78071d4841b497f5144734b38294df7ec64b\"\u003e\u003ccode\u003e273c780\u003c/code\u003e\u003c/a\u003e + 0.45.2 (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5534\"\u003e#5534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/4aa6ecfee4b4728dadf6f77f071a149878a3c6c0\"\u003e\u003ccode\u003e4aa6ecf\u003c/code\u003e\u003c/a\u003e Kit updates (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5490\"\u003e#5490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e8e6edfef5ca69c6188d320388ad440265911057\"\u003e\u003ccode\u003ee8e6edf\u003c/code\u003e\u003c/a\u003e feat(drizzle-kit): support d1 via binding (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5302\"\u003e#5302\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/a086f59fba7f46f3a077893ba912c99e91eaa760\"\u003e\u003ccode\u003ea086f59\u003c/code\u003e\u003c/a\u003e Fixed pg-native Pool detection in node-postgres transactions breaking in envi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/c445637df39366bcf47b12601896ce851771c1c2\"\u003e\u003ccode\u003ec445637\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5095\"\u003e#5095\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e7b3aaa26456b88cd23a7843ebc95b3bddde1ba4\"\u003e\u003ccode\u003ee7b3aaa\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/0d885a54ddafd8717f8610cf3d2899f3eef61e65\"\u003e\u003ccode\u003e0d885a5\u003c/code\u003e\u003c/a\u003e refactor: Update condition for run-feature job to improve clarity and functio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/45a1ffbcbfdd96772d0aba7d9e43744db2dce471\"\u003e\u003ccode\u003e45a1ffb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5087\"\u003e#5087\u003c/a\u003e from drizzle-team/main-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/6357645bd33b1f444e1d081769dd4b71c3de31f8\"\u003e\u003ccode\u003e6357645\u003c/code\u003e\u003c/a\u003e chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/53dec98a936f549d0cc2e668f19db3a2df842f51\"\u003e\u003ccode\u003e53dec98\u003c/code\u003e\u003c/a\u003e refactor: Simplify release router workflow by removing unnecessary switch job...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/compare/0.42.0...0.45.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for drizzle-orm since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jrin0340-420/astroglider/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/jrin0340-420/astroglider/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jrin0340-420%2Fastroglider/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"8.1.0","new_version":"9.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-08T05:43:25.000Z","version_change":"8.1.0 → 9.1.1","issue":{"uuid":"4404069769","node_id":"PR_kwDORSKvL87ZaSlN","number":24,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 27 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-08T05:43:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T05:43:25.000Z","updated_at":"2026-05-08T05:43:36.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"mammoth","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/mwilliamson/mammoth.js"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"systeminformation","old_version":"5.25.11","new_version":"5.30.8","repository_url":"https://github.com/sebhildebrandt/systeminformation"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"ajv","old_version":"8.12.0","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n| [mammoth](https://github.com/mwilliamson/mammoth.js) | `1.8.0` | `1.11.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `5.25.11` | `5.30.8` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.18.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/common directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/ai directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/campaign-monitor directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/crisp directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/docusign directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/firecrawl directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/github directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/gmail directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/google-sheets directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/help-scout directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/http-oauth2 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/kizeo-forms directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pastebin directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/rss directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/sendgrid directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/vtex directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/youtube directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/graphql directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/http directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/smtp directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 6 updates in the /packages/server/api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [mammoth](https://github.com/mwilliamson/mammoth.js) | `1.8.0` | `1.11.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/server/utils directory: [systeminformation](https://github.com/sebhildebrandt/systeminformation).\nBumps the npm_and_yarn group with 2 updates in the /packages/web directory: [axios](https://github.com/axios/axios) and [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.3.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 7.0.11 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 6.4.1 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps s...\n\n_Description has been truncated_","html_url":"https://github.com/szabiiii/activepieces/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/szabiiii%2Factivepieces/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"}},{"old_version":"8.1.0","new_version":"9.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-08T05:43:19.000Z","version_change":"8.1.0 → 9.1.1","issue":{"uuid":"4404069262","node_id":"PR_kwDORSKvL87ZaSeJ","number":21,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 20 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-08T05:43:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T05:43:19.000Z","updated_at":"2026-05-08T05:43:30.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/common directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/campaign-monitor directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/crisp directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/docusign directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/github directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/help-scout directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/http-oauth2 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/kizeo-forms directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pastebin directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/rss directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/vtex directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/youtube directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/graphql directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/http directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 4 updates in the /packages/server/api directory: [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy), [axios](https://github.com/axios/axios), [fastify](https://github.com/fastify/fastify) and [@fastify/static](https://github.com/fastify/fastify-static).\nBumps the npm_and_yarn group with 2 updates in the /packages/web directory: [axios](https://github.com/axios/axios) and [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.3.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 8.1.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: use cross-platform compatible info emoji by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/522\"\u003efastify/fastify-static#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo by \u003ca href=\"https://github.com/9w\"\u003e\u003ccode\u003e@​9w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/523\"\u003efastify/fastify-static#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): update date ranges; standardise style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/525\"\u003efastify/fastify-static#525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove reference to simple-get by \u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/528\"\u003efastify/fastify-static#528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/527\"\u003efastify/fastify-static#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(types): add missing anchors by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/529\"\u003efastify/fastify-static#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): correct compatibility table by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/531\"\u003efastify/fastify-static#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove usage of deprecated request.routeConfig by \u003ca href=\"https://github.com/inyourtime\"\u003e\u003ccode\u003e@​inyourtime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/530\"\u003efastify/fastify-static#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/532\"\u003efastify/fastify-static#532\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.1.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://gi...\n\n_Description has been truncated_","html_url":"https://github.com/szabiiii/activepieces/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/szabiiii%2Factivepieces/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"8.1.0","new_version":"9.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-08T05:42:46.000Z","version_change":"8.1.0 → 9.1.1","issue":{"uuid":"4404067037","node_id":"PR_kwDORSKvL87ZaSBO","number":18,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 20 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-08T05:43:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-08T05:42:46.000Z","updated_at":"2026-05-08T05:43:15.000Z","time_to_close":27,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"axios","old_version":"1.13.5","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [axios](https://github.com/axios/axios) | `1.13.5` | `1.15.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/common directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/campaign-monitor directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/crisp directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/docusign directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/github directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/help-scout directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/http-oauth2 directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/kizeo-forms directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pastebin directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/rss directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/vtex directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/youtube directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/graphql directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/http directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 3 updates in the /packages/server/api directory: [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy), [axios](https://github.com/axios/axios) and [@fastify/static](https://github.com/fastify/fastify-static).\nBumps the npm_and_yarn group with 2 updates in the /packages/web directory: [axios](https://github.com/axios/axios) and [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.3.7 to 5.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003emaxEntitySize: 10000,\r\nmaxExpansionDepth: 10000,\r\nmaxTotalExpansions: Infinity,\r\nmaxExpandedLength: 100000,\r\nmaxEntityCount: 1000,\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eperformance improvement\n\u003cul\u003e\n\u003cli\u003ereduce calls to toString\u003c/li\u003e\n\u003cli\u003eearly return when entities are not present\u003c/li\u003e\n\u003cli\u003eprepare rawAttrsForMatcher only if user sets \u003ccode\u003ejPath: false\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.5.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.12 / 2026-04-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement: update path-expression-matcher\n\u003cul\u003e\n\u003cli\u003euse proxy pattern than Proxy class\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.11 / 2026-04-08\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance Improvement\n\u003cul\u003e\n\u003cli\u003eintegrate ExpressionSet for stopNodes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f529642d760ef53bb9115ad4798af5dc77ac22c4\"\u003e\u003ccode\u003ef529642\u003c/code\u003e\u003c/a\u003e update to release v5.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/52a8583465d6a67ad19e86fe34714879a981c18e\"\u003e\u003ccode\u003e52a8583\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;improve performance of attributes reading\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8d187f9abaf42ebdd85623a9ae942b08e8ae5d0c\"\u003e\u003ccode\u003e8d187f9\u003c/code\u003e\u003c/a\u003e update builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e174168a72a65a8fccad2c42bde329d2167edf27\"\u003e\u003ccode\u003ee174168\u003c/code\u003e\u003c/a\u003e improve performance of attributes reading\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/79a8dde50cebaeeda75cc1ad5b97c328da106316\"\u003e\u003ccode\u003e79a8dde\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f5cd5a595f313ed7b0820cabfa82ebdaa08651f7\"\u003e\u003ccode\u003ef5cd5a5\u003c/code\u003e\u003c/a\u003e set xml version to decoder even if attributes are ignored\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f44b9236f4bee07bba75f0549fe86c981b1aeeef\"\u003e\u003ccode\u003ef44b923\u003c/code\u003e\u003c/a\u003e remove unwanted tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/869ec8b3588304a3a6aa9f22e38445e06d4547c8\"\u003e\u003ccode\u003e869ec8b\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@​nodable/entities\u003c/code\u003e v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7cb49e51cd060caecf296fbf718a98d8c044c8c5\"\u003e\u003ccode\u003e7cb49e5\u003c/code\u003e\u003c/a\u003e update release detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/1b14fa7e2a957ea4eae7bbf144534737a19d4527\"\u003e\u003ccode\u003e1b14fa7\u003c/code\u003e\u003c/a\u003e include currency entities in default list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fastify/static` from 8.1.0 to 9.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-6410 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-pr96-94w5-mx2h\u003c/a\u003e.\nThis fixes CVE CVE-2026-6414 \u003ca href=\"https://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\"\u003ehttps://github.com/fastify/fastify-static/security/advisories/GHSA-x428-ghpx-8j92\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/570\"\u003efastify/fastify-static#570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.0...v9.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/552\"\u003efastify/fastify-static#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move ignoreTrailingSlash under routerOptions by \u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/543\"\u003efastify/fastify-static#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump pino and borp dependencies, delete stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update syntax typescript by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/558\"\u003efastify/fastify-static#558\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/560\"\u003efastify/fastify-static#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: sendFile ignoring option overrides in some cases by \u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade c8 to v11.0.0 and improvements test by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/564\"\u003efastify/fastify-static#564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/566\"\u003efastify/fastify-static#566\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lraveri\"\u003e\u003ccode\u003e@​lraveri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/553\"\u003efastify/fastify-static#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/557\"\u003efastify/fastify-static#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bakugo\"\u003e\u003ccode\u003e@​bakugo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/559\"\u003efastify/fastify-static#559\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.0.0...v9.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump content-disposition from 0.5.4 to 1.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/547\"\u003efastify/fastify-static#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate glob@13 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/550\"\u003efastify/fastify-static#550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\"\u003ehttps://github.com/fastify/fastify-static/compare/v8.3.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: use cross-platform compatible info emoji by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/522\"\u003efastify/fastify-static#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo by \u003ca href=\"https://github.com/9w\"\u003e\u003ccode\u003e@​9w\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/523\"\u003efastify/fastify-static#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): update date ranges; standardise style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/525\"\u003efastify/fastify-static#525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove reference to simple-get by \u003ca href=\"https://github.com/ilteoood\"\u003e\u003ccode\u003e@​ilteoood\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/528\"\u003efastify/fastify-static#528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/527\"\u003efastify/fastify-static#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(types): add missing anchors by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/529\"\u003efastify/fastify-static#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): correct compatibility table by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/531\"\u003efastify/fastify-static#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove usage of deprecated request.routeConfig by \u003ca href=\"https://github.com/inyourtime\"\u003e\u003ccode\u003e@​inyourtime\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/530\"\u003efastify/fastify-static#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/532\"\u003efastify/fastify-static#532\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/48b136f5d8da0efea328f49f6202ab3edabf608b\"\u003e\u003ccode\u003e48b136f\u003c/code\u003e\u003c/a\u003e Bumped v9.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/cc7b7f7e00a5f028599ba17392b831afd0c651aa\"\u003e\u003ccode\u003ecc7b7f7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/9921faa7ffe4931f4bbd2d1a8b6d90e720081856\"\u003e\u003ccode\u003e9921faa\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/4183d2d8dd52b11c27f7adc22abb8d2531ad4a02\"\u003e\u003ccode\u003e4183d2d\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/570\"\u003e#570\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/a3a8cd6c7a5b0937d7ad939564991c284f09754a\"\u003e\u003ccode\u003ea3a8cd6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/8423c80016917b40a3e42c38fd55070a89d1b9b8\"\u003e\u003ccode\u003e8423c80\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/475dce148995ac754a8cb344bad63c8cbd6517d2\"\u003e\u003ccode\u003e475dce1\u003c/code\u003e\u003c/a\u003e chore: upgrade c8 to v11.0.0 and improvements test (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/3ff0f39b94da96f42a88ed57c554abc8381806c3\"\u003e\u003ccode\u003e3ff0f39\u003c/code\u003e\u003c/a\u003e fix: sendFile ignoring option overrides in some cases (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/559\"\u003e#559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/663baa7da61ff69115995baf59efba6396d814a8\"\u003e\u003ccode\u003e663baa7\u003c/code\u003e\u003c/a\u003e chore(license): standardise license notice (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/51bb66e88667850ff5e8f4e9a27ebbf8c5b7bbad\"\u003e\u003ccode\u003e51bb66e\u003c/code\u003e\u003c/a\u003e chore: update syntax typescript (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v8.1.0...v9.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.5 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.c...\n\n_Description has been truncated_","html_url":"https://github.com/szabiiii/activepieces/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/szabiiii%2Factivepieces/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"}},{"old_version":"8.2.0","new_version":"9.1.3","update_type":"major","path":null,"pr_created_at":"2026-05-07T16:33:42.000Z","version_change":"8.2.0 → 9.1.3","issue":{"uuid":"4400369754","node_id":"PR_kwDOPrXVTc7ZObaB","number":95,"state":"closed","title":"Bump the npm_and_yarn group across 12 directories with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-07T16:35:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T16:33:42.000Z","updated_at":"2026-05-07T16:38:36.000Z","time_to_close":132,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"axios","old_version":"1.8.3","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.11.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fastify","old_version":"5.4.0","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"6.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"5.7.2","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@supabase/auth-js","old_version":"2.69.1","new_version":"2.105.3","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.5.6","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.8.3` | `1.16.0` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.16.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.4.0` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.5` | `6.4.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.7.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.2.0` | `9.1.3` |\n| [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js) | `2.69.1` | `2.105.3` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.5.6` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-ses directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sns directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sqs directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/clarifai directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/contentful directory: [axios](https://github.com/axios/axios) and [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/image-helper directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/mailchain directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [lodash](https://github.com/lodash/lodash) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pdf directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/scrapeless directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp) and [ip-address](https://github.com/beaugunderson/ip-address).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/shared directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/worker directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\n\nUpdates `axios` from 1.8.3 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.4.0 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastif...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 16 npm packages across 12 directories, including major updates to axios (1.8.3→1.16.0), fastify (5.4.0→5.8.5), and various AWS SDK packages, addressing security vulnerabilities and bringing performance improvements.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Core Dependencies**: Major version bumps for axios (1.8.3→1.16.0) and fastify (5.4.0→5.8.5) with significant security and feature improvements\n- **AWS SDK Updates**: Unified AWS SDK packages to version 3.1044.0 across S3, SES, SNS, and SQS services\n- **Security Patches**: Updates to basic-ftp (5.0.5→5.3.1), follow-redirects (1.15.9→1.16.0), and other packages addressing known vulnerabilities\n- **Development Tools**: Updates to vite (6.3.5→6.4.2), postcss (8.4.38→8.5.10), and other build tools\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 16 Vulnerable Packages]\n    B --\u003e C[Update Root Dependencies]\n    B --\u003e D[Update Package-Specific Dependencies]\n    C --\u003e E[axios 1.16.0 - Security Fixes]\n    C --\u003e F[fastify 5.8.5 - CVE Patches]\n    C --\u003e G[AWS SDK 3.1044.0 - Consistency]\n    D --\u003e H[Community Packages]\n    H --\u003e I[Lock File Updates]\n    E --\u003e J[Enhanced Security Posture]\n    F --\u003e J\n    G --\u003e J\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including fetch adapter vulnerabilities in axios and trust proxy issues in fastify\n- **API Improvements**: Axios now supports QUERY HTTP method and improved error handling with ECONNREFUSED constants\n- **Consistency**: AWS SDK packages are now aligned to the same version (3.1044.0) reducing potential compatibility issues\n- **Performance**: Updated packages include performance optimizations and bug fixes for better reliability\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/activepieces/pull/95","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Factivepieces/issues/95","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/95/packages"}},{"old_version":"9.1.1","new_version":"9.1.3","update_type":"patch","path":null,"pr_created_at":"2026-05-07T12:03:54.000Z","version_change":"9.1.1 → 9.1.3","issue":{"uuid":"4398603828","node_id":"PR_kwDORFRk1s7ZImP4","number":68,"state":"closed","title":"Build(deps): Bump the minor-and-patch group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-09T01:16:12.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T12:03:54.000Z","updated_at":"2026-05-09T01:16:14.000Z","time_to_close":133938,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Build(deps): Bump","group_name":"minor-and-patch","update_count":19,"packages":[{"name":"@fastify/static","old_version":"9.1.1","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"axios","old_version":"1.15.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"zod","old_version":"4.3.6","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"},{"name":"esbuild","old_version":"0.27.7","new_version":"0.28.0","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"4.1.4","new_version":"4.1.5","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"lucide-react","old_version":"1.8.0","new_version":"1.14.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"react","old_version":"19.2.5","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.5","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-hook-form","old_version":"7.72.1","new_version":"7.75.0","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"react-router","old_version":"7.14.1","new_version":"7.15.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"zustand","old_version":"5.0.12","new_version":"5.0.13","repository_url":"https://github.com/pmndrs/zustand"},{"name":"@tailwindcss/vite","old_version":"4.2.2","new_version":"4.2.4","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"jsdom","old_version":"29.0.2","new_version":"29.1.1","repository_url":"https://github.com/jsdom/jsdom"},{"name":"msw","old_version":"2.13.4","new_version":"2.14.3","repository_url":"https://github.com/mswjs/msw"},{"name":"postcss","old_version":"8.5.10","new_version":"8.5.14","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"8.0.8","new_version":"8.0.11","repository_url":"https://github.com/vitejs/vite"},{"name":"vitepress-plugin-llms","old_version":"1.12.1","new_version":"1.12.2","repository_url":"https://github.com/okineadev/vitepress-plugin-llms"},{"name":"vue","old_version":"3.5.32","new_version":"3.5.34","repository_url":"https://github.com/vuejs/core"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 18 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `9.1.1` | `9.1.3` |\n| [axios](https://github.com/axios/axios) | `1.15.0` | `1.16.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.27.7` | `0.28.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.4` | `4.1.5` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.14.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.6` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.72.1` | `7.75.0` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.14.1` | `7.15.0` |\n| [zustand](https://github.com/pmndrs/zustand) | `5.0.12` | `5.0.13` |\n| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.2.2` | `4.2.4` |\n| [jsdom](https://github.com/jsdom/jsdom) | `29.0.2` | `29.1.1` |\n| [msw](https://github.com/mswjs/msw) | `2.13.4` | `2.14.3` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.10` | `8.5.14` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.8` | `8.0.11` |\n| [vitepress-plugin-llms](https://github.com/okineadev/vitepress-plugin-llms) | `1.12.1` | `1.12.2` |\n| [vue](https://github.com/vuejs/core) | `3.5.32` | `3.5.34` |\n\n\nUpdates `@fastify/static` from 9.1.1 to 9.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-static/releases\"\u003e@​fastify/static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support wildcard prefixes with route params by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/576\"\u003efastify/fastify-static#576\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.2...v9.1.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev9.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: resolve wildcard paths in encapsulated contexts by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-static/pull/574\"\u003efastify/fastify-static#574\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\"\u003ehttps://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/880c1a6c9118c7ff7c74a5727e5697237183d5cf\"\u003e\u003ccode\u003e880c1a6\u003c/code\u003e\u003c/a\u003e Bumped v9.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/7f92da5bf2366ccd2e0082e77d5222a7cb47d152\"\u003e\u003ccode\u003e7f92da5\u003c/code\u003e\u003c/a\u003e fix: support wildcard prefixes with route params (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/b0a66d5270a1ee1535e0c786d9beac2c7c7619c6\"\u003e\u003ccode\u003eb0a66d5\u003c/code\u003e\u003c/a\u003e Bumped v9.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-static/commit/32af86372ab45d3799408d5b56fc7f7d3003e5de\"\u003e\u003ccode\u003e32af863\u003c/code\u003e\u003c/a\u003e fix: resolve wildcard paths in encapsulated contexts (\u003ca href=\"https://redirect.github.com/fastify/fastify-static/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/fastify/fastify-static/compare/v9.1.1...v9.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.15.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.15.0...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zod` from 4.3.6 to 4.4.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/colinhacks/zod/releases\"\u003ezod's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.3\u003c/h2\u003e\n\u003ch2\u003eCommits:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e4c2fa95ce3f3390fbc522324e406b4e9e89b88f9 docs: use Zernio primary wordmark for gold sponsor logo\u003c/li\u003e\n\u003cli\u003e2aeec83eb135e3a83756e973ef44845fc5a455d2 docs: prune lapsed gold sponsors and rebalance logo sizing\u003c/li\u003e\n\u003cli\u003e7391be88ac1ee5cd02057f5ccc012a1f5df4efd0 docs: prune lapsed silver/bronze sponsors and add active ones\u003c/li\u003e\n\u003cli\u003e2c703322a21b4e2b12f33f49ea8430c451a68b4f docs: normalize bronze sponsor logos to github avatar pattern\u003c/li\u003e\n\u003cli\u003e9195250cab0e7950efe39c3926d6c203b4b0a170 docs: remove Mintlify from bronze sponsors (churned)\u003c/li\u003e\n\u003cli\u003eb8dffe9e62f17e6571e6249d05cc5102b54d94e4 docs: remove Numeric and Speakeasy (2+ missed monthly cycles)\u003c/li\u003e\n\u003cli\u003e1cab69383fcdeae2a366d5e2a2fc4d8fc765d168 fix(v4): restore catch handling for absent object keys (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5937\"\u003e#5937\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5939\"\u003e#5939\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ec2be4f819064eed62c7c350a2d399b5faecd15f8 fix(v4): generalize optin/fallback to transform; restore preprocess on absent keys (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5941\"\u003e#5941\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef3c9ec03ba7a28ae72d25cc295f38674bee0f559 4.4.3\u003c/li\u003e\n\u003cli\u003e1fb56a5c18c27102dbc92260a4007c7732a0ccca docs: document release procedure in AGENTS.md\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.2\u003c/h2\u003e\n\u003ch2\u003eCommits:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e0c62df0ea19fd05abdf90473e9eef7eea530fab2 Clean up docs navigation and stale labels (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5901\"\u003e#5901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e20cc794895cc8604fe0c87d83a5d1c3f89fad0ac chore: add security policy and refresh tooling deps\u003c/li\u003e\n\u003cli\u003e6fbe07b0177efdd1bf1c0b05160e70d7a0702337 fix(docs): heading anchor links now include the hash so it doesnt scoll all the way up, follows navbar logic (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5791\"\u003e#5791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4bbed1b1c73eca4ce9e59b1189ed236aa6c8b5bd Tighten discriminated union option typing\u003c/li\u003e\n\u003cli\u003ebbac3e567e7fccfaaf7cdc97f1ce30c295e2c908 Update PR guidance for agents\u003c/li\u003e\n\u003cli\u003ecf0dc942a32805c292fff59ade20a7ace980735a Merge remote-tracking branch 'origin/main' into fix-discriminated-union-key-constraint\u003c/li\u003e\n\u003cli\u003e292c894a5fd2aa42e527900b83d8d7a3009a709c docs: add Zernio gold sponsor\u003c/li\u003e\n\u003cli\u003e1fc9f311c28dcf80d0bb5a36b177086cbc3d8eca docs: document codec inversion\u003c/li\u003e\n\u003cli\u003e1373c85da9aeff704a9762d27bc58699618aefb7 docs: remove AI disclosure guidance\u003c/li\u003e\n\u003cli\u003ee20d02b473c08e3a4e557bc610b1b5fac079b649 chore: ignore triage notes\u003c/li\u003e\n\u003cli\u003ee58ea4d91b1dfe8194b73508203213cbc7e9c936 docs: test Zod Mini tab code heights\u003c/li\u003e\n\u003cli\u003e905761a5d127e8d5dd2ebb3bc88c75cb0b8149ff docs: document preprocess input type narrowing\u003c/li\u003e\n\u003cli\u003ebf64bac850d4dee2b7dde7e64909d5d796d32043 chore: tighten test guidance in AGENTS.md\u003c/li\u003e\n\u003cli\u003e8ec4e73f4c4693b6361ad591be40fb41eb8a9f95 chore: update play.ts scratch\u003c/li\u003e\n\u003cli\u003e02c2baf7d0d615872fa4528a8020603b71211702 Make z.preprocess defer optionality to inner schema (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5929\"\u003e#5929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e88015df8e25c44fb5385eb3ef28935119cd5edea fix(docs): drop deprecated \u003ccode\u003ebaseUrl\u003c/code\u003e from tsconfig\u003c/li\u003e\n\u003cli\u003ec59d4474e3b4cad1b323462186cf607178ce8267 4.4.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.1\u003c/h2\u003e\n\u003ch2\u003eCommits:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow\u003c/li\u003e\n\u003cli\u003e95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations\u003c/li\u003e\n\u003cli\u003ecede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eedd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1\u003c/li\u003e\n\u003cli\u003e180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003ch2\u003e4.4.0\u003c/h2\u003e\n\u003cp\u003eThis is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.\u003c/p\u003e\n\u003ch2\u003ePotentially breaking bug fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/1fb56a5c18c27102dbc92260a4007c7732a0ccca\"\u003e\u003ccode\u003e1fb56a5\u003c/code\u003e\u003c/a\u003e docs: document release procedure in AGENTS.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/f3c9ec03ba7a28ae72d25cc295f38674bee0f559\"\u003e\u003ccode\u003ef3c9ec0\u003c/code\u003e\u003c/a\u003e 4.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/c2be4f819064eed62c7c350a2d399b5faecd15f8\"\u003e\u003ccode\u003ec2be4f8\u003c/code\u003e\u003c/a\u003e fix(v4): generalize optin/fallback to transform; restore preprocess on absent...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/1cab69383fcdeae2a366d5e2a2fc4d8fc765d168\"\u003e\u003ccode\u003e1cab693\u003c/code\u003e\u003c/a\u003e fix(v4): restore catch handling for absent object keys (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5937\"\u003e#5937\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/colinhacks/zod/issues/5939\"\u003e#5939\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/b8dffe9e62f17e6571e6249d05cc5102b54d94e4\"\u003e\u003ccode\u003eb8dffe9\u003c/code\u003e\u003c/a\u003e docs: remove Numeric and Speakeasy (2+ missed monthly cycles)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/9195250cab0e7950efe39c3926d6c203b4b0a170\"\u003e\u003ccode\u003e9195250\u003c/code\u003e\u003c/a\u003e docs: remove Mintlify from bronze sponsors (churned)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/2c703322a21b4e2b12f33f49ea8430c451a68b4f\"\u003e\u003ccode\u003e2c70332\u003c/code\u003e\u003c/a\u003e docs: normalize bronze sponsor logos to github avatar pattern\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/7391be88ac1ee5cd02057f5ccc012a1f5df4efd0\"\u003e\u003ccode\u003e7391be8\u003c/code\u003e\u003c/a\u003e docs: prune lapsed silver/bronze sponsors and add active ones\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/2aeec83eb135e3a83756e973ef44845fc5a455d2\"\u003e\u003ccode\u003e2aeec83\u003c/code\u003e\u003c/a\u003e docs: prune lapsed gold sponsors and rebalance logo sizing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/colinhacks/zod/commit/4c2fa95ce3f3390fbc522324e406b4e9e89b88f9\"\u003e\u003ccode\u003e4c2fa95\u003c/code\u003e\u003c/a\u003e docs: use Zernio primary wordmark for gold sponsor logo\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/colinhacks/zod/compare/v4.3.6...v4.4.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for zod since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.27.7 to 0.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for \u003ccode\u003ewith { type: 'text' }\u003c/code\u003e imports (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4435\"\u003e#4435\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/tc39/proposal-import-text\"\u003eimport text\u003c/a\u003e proposal has reached stage 3 in the TC39 process, which means that it's recommended for implementation. It has also already been implemented by \u003ca href=\"https://docs.deno.com/examples/importing_text/\"\u003eDeno\u003c/a\u003e and \u003ca href=\"https://bun.com/docs/guides/runtime/import-html\"\u003eBun\u003c/a\u003e. So with this release, esbuild also adds support for it. This behaves exactly the same as esbuild's existing \u003ca href=\"https://esbuild.github.io/content-types/#text\"\u003e\u003ccode\u003etext\u003c/code\u003e loader\u003c/a\u003e. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport string from './example.txt' with { type: 'text' }\nconsole.log(string)\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to fallback download path (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4343\"\u003e#4343\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eInstalling esbuild via npm is somewhat complicated with several different edge cases (see \u003ca href=\"https://esbuild.github.io/getting-started/#additional-npm-flags\"\u003eesbuild's documentation\u003c/a\u003e for details). If the regular installation of esbuild's platform-specific package fails, esbuild's install script attempts to download the platform-specific package itself (first with the \u003ccode\u003enpm\u003c/code\u003e command, and then with a HTTP request to \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e as a last resort).\u003c/p\u003e\n\u003cp\u003eThis last resort path previously didn't have any integrity checks. With this release, esbuild will now verify that the hash of the downloaded binary matches the expected hash for the current release. This means the hashes for all of esbuild's platform-specific binary packages will now be embedded in the top-level \u003ccode\u003eesbuild\u003c/code\u003e package. Hopefully this should work without any problems. But just in case, this change is being done as a breaking change release.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the Go compiler from 1.25.7 to 1.26.1\u003c/p\u003e\n\u003cp\u003eThis upgrade should not affect anything. However, there have been some significant internal changes to the Go compiler, so esbuild could potentially behave differently in certain edge cases:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIt now uses the \u003ca href=\"https://go.dev/doc/go1.26#new-garbage-collector\"\u003enew garbage collector\u003c/a\u003e that comes with Go 1.26.\u003c/li\u003e\n\u003cli\u003eThe Go compiler is now more aggressive with allocating memory on the stack.\u003c/li\u003e\n\u003cli\u003eThe executable format that the Go linker uses has undergone several changes.\u003c/li\u003e\n\u003cli\u003eThe WebAssembly build now unconditionally makes use of the sign extension and non-trapping floating-point to integer conversion instructions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eYou can read the \u003ca href=\"https://go.dev/doc/go1.26\"\u003eGo 1.26 release notes\u003c/a\u003e for more information.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd support for \u003ccode\u003ewith { type: 'text' }\u003c/code\u003e imports (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4435\"\u003e#4435\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"https://github.com/tc39/proposal-import-text\"\u003eimport text\u003c/a\u003e proposal has reached stage 3 in the TC39 process, which means that it's recommended for implementation. It has also already been implemented by \u003ca href=\"https://docs.deno.com/examples/importing_text/\"\u003eDeno\u003c/a\u003e and \u003ca href=\"https://bun.com/docs/guides/runtime/import-html\"\u003eBun\u003c/a\u003e. So with this release, esbuild also adds support for it. This behaves exactly the same as esbuild's existing \u003ca href=\"https://esbuild.github.io/content-types/#text\"\u003e\u003ccode\u003etext\u003c/code\u003e loader\u003c/a\u003e. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport string from './example.txt' with { type: 'text' }\nconsole.log(string)\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to fallback download path (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4343\"\u003e#4343\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eInstalling esbuild via npm is somewhat complicated with several different edge cases (see \u003ca href=\"https://esbuild.github.io/getting-started/#additional-npm-flags\"\u003eesbuild's documentation\u003c/a\u003e for details). If the regular installation of esbuild's platform-specific package fails, esbuild's install script attempts to download the platform-specific package itself (first with the \u003ccode\u003enpm\u003c/code\u003e command, and then with a HTTP request to \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e as a last resort).\u003c/p\u003e\n\u003cp\u003eThis last resort path previously didn't have any integrity checks. With this release, esbuild will now verify that the hash of the downloaded binary matches the expected hash for the current release. This means the hashes for all of esbuild's platform-specific binary packages will now be embedded in the top-level \u003ccode\u003eesbuild\u003c/code\u003e package. Hopefully this should work without any problems. But just in case, this change is being done as a breaking change release.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate the Go compiler from 1.25.7 to 1.26.1\u003c/p\u003e\n\u003cp\u003eThis upgrade should not affect anything. However, there have been some significant internal changes to the Go compiler, so esbuild could potentially behave differently in certain edge cases:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIt now uses the \u003ca href=\"https://go.dev/doc/go1.26#new-garbage-collector\"\u003enew garbage collector\u003c/a\u003e that comes with Go 1.26.\u003c/li\u003e\n\u003cli\u003eThe Go compiler is now more aggressive with allocating memory on the stack.\u003c/li\u003e\n\u003cli\u003eThe executable format that the Go linker uses has undergone several changes.\u003c/li\u003e\n\u003cli\u003eThe WebAssembly build now unconditionally makes use of the sign extension and non-trapping floating-point to integer conversion instructions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eYou can read the \u003ca href=\"https://go.dev/doc/go1.26\"\u003eGo 1.26 release notes\u003c/a\u003e for more information.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/6a794dff68e6a43539f6da671e3080efdf11ca70\"\u003e\u003ccode\u003e6a794df\u003c/code\u003e\u003c/a\u003e publish 0.28.0 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/64ee0ea63b2ff303caafc9610c388dc72c882c23\"\u003e\u003ccode\u003e64ee0ea\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4435\"\u003e#4435\u003c/a\u003e: support \u003ccode\u003ewith { type: text }\u003c/code\u003e imports\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/ef65aeeaacdb71eade186f888975b1de89574314\"\u003e\u003ccode\u003eef65aee\u003c/code\u003e\u003c/a\u003e fix sort order in \u003ccode\u003esnapshots_packagejson.txt\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1a26a8ecbc39aaf1379c524a0274a08fbcbed655\"\u003e\u003ccode\u003e1a26a8e\u003c/code\u003e\u003c/a\u003e try to fix \u003ccode\u003etest-old-ts\u003c/code\u003e, also shuffle CI tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/556ce6c1fc00d7c0917fbfada01ed8e5251bc510\"\u003e\u003ccode\u003e556ce6c\u003c/code\u003e\u003c/a\u003e use \u003ccode\u003e''\u003c/code\u003e instead of \u003ccode\u003enull\u003c/code\u003e to omit build hashes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8e675a81a473ea69a46a69792f1386bb110dd877\"\u003e\u003ccode\u003e8e675a8\u003c/code\u003e\u003c/a\u003e ci: allow missing binary hashes for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/7067763b904fe8a522fa840a4a48c5fbd4c395e0\"\u003e\u003ccode\u003e7067763\u003c/code\u003e\u003c/a\u003e Reapply \u0026quot;update go 1.25.7 =\u0026gt; 1.26.1\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/39473a952ab3b450d0578b698a8b8d2a02332e0d\"\u003e\u003ccode\u003e39473a9\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4343\"\u003e#4343\u003c/a\u003e: integrity check for binary download\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.27.7...v0.28.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.1.4 to 4.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7e86d6e2bf581f074dc216805d10d371\"\u003e\u003ccode\u003e0e0ff41\u003c/code\u003e\u003c/a\u003e feat(coverage): istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10119\"\u003e#10119\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3e6a60fc8a7ccd2d9941d1cbe929b606\"\u003e\u003ccode\u003e663b99f\u003c/code\u003e\u003c/a\u003e fix: alias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10157\"\u003e#10157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b157ffd31b376561b16ab983aa23e7bc\"\u003e\u003ccode\u003e122c25b\u003c/code\u003e\u003c/a\u003e fix: fix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10163\"\u003e#10163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7219156893dd13a1dbe86501d5542d2e\"\u003e\u003ccode\u003e6abd557\u003c/code\u003e\u003c/a\u003e feat(api): make test-specification options writable (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10154\"\u003e#10154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986abe2161a9a06f0ca03df68e82690b21\"\u003e\u003ccode\u003e596f739\u003c/code\u003e\u003c/a\u003e fix: project color label on html reporter (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10142\"\u003e#10142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc0841e97b6dcac8a73cdb8e656b3d6ba909\"\u003e\u003ccode\u003e9423dc0\u003c/code\u003e\u003c/a\u003e fix: --project negation excludes browser instances (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10131\"\u003e#10131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.5/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.8.0 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003erepeat-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/3102\"\u003elucide-icons/lucide#3102\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.13.0...1.14.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.13.0...1.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(docs): sync URL params with UI state on categories page by \u003ca href=\"https://github.com/taimar\"\u003e\u003ccode\u003e@​taimar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4111\"\u003elucide-icons/lucide#4111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003ewaves-vertical\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/3867\"\u003elucide-icons/lucide#3867\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.12.0...1.13.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.12.0...1.13.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.12.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(icon): add folder-bookmark icon by \u003ca href=\"https://github.com/swastik7805\"\u003e\u003ccode\u003e@​swastik7805\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4262\"\u003elucide-icons/lucide#4262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(readme): Update readme files by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4320\"\u003elucide-icons/lucide#4320\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eastroid\u003c/code\u003e icon by \u003ca href=\"https://github.com/whoisBugsbunny\"\u003e\u003ccode\u003e@​whoisBugsbunny\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4217\"\u003elucide-icons/lucide#4217\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.10.0...1.12.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.10.0...1.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.11.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add missing period to TypeScript Support description by \u003ca href=\"https://github.com/jglu\"\u003e\u003ccode\u003e@​jglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4309\"\u003elucide-icons/lucide#4309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(\u003ccode\u003e@​lucide/svelte\u003c/code\u003e): proper doc comments for svelte components by \u003ca href=\"https://github.com/blt-r\"\u003e\u003ccode\u003e@​blt-r\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4267\"\u003elucide-icons/lucide#4267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump svgo from 3.3.2 to 3.3.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4119\"\u003elucide-icons/lucide#4119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump astro from 6.0.8 to 6.1.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4310\"\u003elucide-icons/lucide#4310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add power and quick tags to zap and zap-off by \u003ca href=\"https://github.com/swastik7805\"\u003e\u003ccode\u003e@​swastik7805\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4268\"\u003elucide-icons/lucide#4268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(build-font): added comprehensive unit tests on build-font tool by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4315\"\u003elucide-icons/lucide#4315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(docs): blur background of framework-select by \u003ca href=\"https://github.com/Spleefies\"\u003e\u003ccode\u003e@​Spleefies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4238\"\u003elucide-icons/lucide#4238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icon): add heart-x icon  by \u003ca href=\"https://github.com/swastik7805\"\u003e\u003ccode\u003e@​swastik7805\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4264\"\u003elucide-icons/lucide#4264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): optimised \u003ccode\u003erotate-3d\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4299\"\u003elucide-icons/lucide#4299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003elayers-minus\u003c/code\u003e icon by \u003ca href=\"https://github.com/Spleefies\"\u003e\u003ccode\u003e@​Spleefies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4005\"\u003elucide-icons/lucide#4005\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003ebell-check\u003c/code\u003e icon by \u003ca href=\"https://github.com/pettelau\"\u003e\u003ccode\u003e@​pettelau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4152\"\u003elucide-icons/lucide#4152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jglu\"\u003e\u003ccode\u003e@​jglu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4309\"\u003elucide-icons/lucide#4309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pettelau\"\u003e\u003ccode\u003e@​pettelau\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4152\"\u003elucide-icons/lucide#4152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.9.0...1.11.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.9.0...1.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add missing period to TypeScript Support description by \u003ca href=\"https://github.com/jglu\"\u003e\u003ccode\u003e@​jglu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4309\"\u003elucide-icons/lucide#4309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(\u003ccode\u003e@​lucide/svelte\u003c/code\u003e): proper doc comments for svelte components by \u003ca href=\"https://github.com/blt-r\"\u003e\u003ccode\u003e@​blt-r\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4267\"\u003elucide-icons/lucide#4267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump svgo from 3.3.2 to 3.3.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4119\"\u003elucide-icons/lucide#4119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump astro from 6.0.8 to 6.1.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4310\"\u003elucide-icons/lucide#4310\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/50d8af5a1012e188f3d71ac8f1fc0fba1aab5357\"\u003e\u003ccode\u003e50d8af5\u003c/code\u003e\u003c/a\u003e docs(readme): Update readme files (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4320\"\u003e#4320\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/653e44b83293567ff24dcb90ca1094a9cf0a042a\"\u003e\u003ccode\u003e653e44b\u003c/code\u003e\u003c/a\u003e feat(packages): use .mjs for ESM bundles (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4285\"\u003e#4285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.14.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.5 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.5 to 19.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/facebook/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.6/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-hook-form` from 7.72.1 to 7.75.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/react-hook-form/releases\"\u003ereact-hook-form's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 7.75.0\u003c/h2\u003e\n\u003cp\u003e🦧 feat: improve get dirty fields prune empty fields (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13363\"\u003e#13363\u003c/a\u003e)\u003c/p\u003e\n\u003cpre lang=\"diff\"\u003e\u003ccode\u003e+ dirtyFields: { test: [{ data: false }] }\r\n- dirtyFields: {} // removed the empty node with false value\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e🎹 typescript 6.0 (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13330\"\u003e#13330\u003c/a\u003e)\n🌡️ chore: minor improvement on setValue \u0026amp; reset (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13366\"\u003e#13366\u003c/a\u003e)\n🐞 fix \u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13403\"\u003e#13403\u003c/a\u003e: include setValues in FormProvider context value (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13404\"\u003e#13404\u003c/a\u003e)\n🐞 fix: recompute isDirty after re-registering a previously unregistered field (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13399\"\u003e#13399\u003c/a\u003e)\n🐞 fix: preserve watch updates on field array unmount fixes \u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13375\"\u003e#13375\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13385\"\u003e#13385\u003c/a\u003e)\n🐞 fix: prevent useWatch re-render when unrelated field validation is … (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13398\"\u003e#13398\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ethanks to \u003ca href=\"https://github.com/dfedoryshchev\"\u003e\u003ccode\u003e@​dfedoryshchev\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cyky\"\u003e\u003ccode\u003e@​cyky\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/gkarabelos\"\u003e\u003ccode\u003e@​gkarabelos\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 7.74.0\u003c/h2\u003e\n\u003cp\u003e🪇 feat: setValues (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13201\"\u003e#13201\u003c/a\u003e)\u003c/p\u003e\n\u003cpre lang=\"tsx\"\u003e\u003ccode\u003esetValues((data) =\u0026gt; {\r\n  return {\r\n    ...data,\r\n    name: 'test'\r\n  }\r\n})\r\n\u003cp\u003esetValues(formValues);\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e🐞 fix: preserve previous field value when useController name changes (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13395\"\u003e#13395\u003c/a\u003e)\n🐞 fix: handle null parent when unregistering nested field (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13396\"\u003e#13396\u003c/a\u003e)\n🐞 fix: treat NaN as empty when valueAsNumber is true in validateField (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13388\"\u003e#13388\u003c/a\u003e)\n🪢 fix build to exclude test files (\u003ca href=\"https://redirect.github.com/react-hook-form/react-hook-form/issues/13387\"\u003e#13387\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ethanks to \u003ca href=\"https://github.com/Yihao-G\"\u003e\u003ccode\u003e@​Yihao-G\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://githu...\n\n_Description has been truncated_","html_url":"https://github.com/t3rr11/Requesto/pull/68","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/t3rr11%2FRequesto/issues/68","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/68/packages"}},{"old_version":"8.2.0","new_version":"9.1.3","update_type":"major","path":null,"pr_created_at":"2026-05-07T01:21:52.000Z","version_change":"8.2.0 → 9.1.3","issue":{"uuid":"4395476989","node_id":"PR_kwDOPrXVTc7Y-crU","number":94,"state":"open","title":"Bump the npm_and_yarn group across 12 directories with 18 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-07T01:21:52.000Z","updated_at":"2026-05-07T01:29:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":18,"packages":[{"name":"axios","old_version":"1.8.3","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.11.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fastify","old_version":"5.4.0","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"6.9.9","new_version":"8.0.7","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"6.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"5.7.2","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@supabase/auth-js","old_version":"2.69.1","new_version":"2.105.3","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.5.6","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.8.3` | `1.16.0` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.16.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.4.0` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `6.9.9` | `8.0.7` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.5` | `6.4.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.7.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.2.0` | `9.1.3` |\n| [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js) | `2.69.1` | `2.105.3` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.5.6` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-ses directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sns directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sqs directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/clarifai directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/contentful directory: [axios](https://github.com/axios/axios) and [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/image-helper directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/mailchain directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [lodash](https://github.com/lodash/lodash) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pdf directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/scrapeless directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp), [picomatch](https://github.com/micromatch/picomatch) and [ip-address](https://github.com/beaugunderson/ip-address).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/shared directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/worker directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\n\nUpdates `axios` from 1.8.3 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.4.0 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"ht...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 18 npm packages across 12 directories, including major updates to axios (1.8.3→1.16.0), fastify (5.4.0→5.8.5), and nodemailer (6.9.9→8.0.7), along with security fixes and performance improvements across the dependency tree.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Core Dependencies**: Major version updates to axios (1.8.3→1.16.0), fastify (5.4.0→5.8.5), and nodemailer (6.9.9→8.0.7)\n- **AWS SDK Updates**: Unified AWS SDK packages to version 3.1044.0 across S3, SES, SNS, and SQS services\n- **Security Patches**: Updates include fixes for basic-ftp (5.0.5→5.3.1) addressing multiple CVEs and fastify security patches\n- **Development Tools**: Build tool updates including vite (6.3.5→6.4.2) and postcss (8.4.38→8.5.10)\n- **Community Packages**: Lock file updates across multiple community piece packages with dependency version bumps\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 18 Outdated Packages]\n    B --\u003e C[Core Dependencies]\n    B --\u003e D[AWS SDK Packages]\n    B --\u003e E[Community Pieces]\n    B --\u003e F[Dev Dependencies]\n    \n    C --\u003e C1[axios 1.8.3→1.16.0]\n    C --\u003e C2[fastify 5.4.0→5.8.5]\n    C --\u003e C3[nodemailer 6.9.9→8.0.7]\n    \n    D --\u003e D1[Unify to 3.1044.0]\n    D --\u003e D2[S3, SES, SNS, SQS]\n    \n    E --\u003e E1[Lock File Updates]\n    E --\u003e E2[Transitive Dependencies]\n    \n    F --\u003e F1[vite 6.3.5→6.4.2]\n    F --\u003e F2[postcss 8.4.38→8.5.10]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs in basic-ftp and includes security patches in fastify and axios\n- **Performance Improvements**: Axios 1.16.0 includes HTTP adapter optimizations, fetch adapter improvements, and better error handling\n- **API Consistency**: AWS SDK version unification ensures consistent behavior across all AWS service integrations\n- **Developer Experience**: Updated build tools (vite, postcss) provide better development performance and modern features\n- **Maintenance**: Automated dependency management reduces technical debt and keeps the project current with upstream fixes\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/activepieces/pull/94","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Factivepieces/issues/94","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/94/packages"}},{"old_version":"8.2.0","new_version":"9.1.3","update_type":"major","path":null,"pr_created_at":"2026-05-06T23:08:23.000Z","version_change":"8.2.0 → 9.1.3","issue":{"uuid":"4395017637","node_id":"PR_kwDOPzvG_M7Y8_qp","number":91,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 13 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-06T23:08:23.000Z","updated_at":"2026-05-06T23:11:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"axios","old_version":"1.8.3","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"axios","old_version":"1.11.0","new_version":"1.16.0","repository_url":"https://github.com/axios/axios"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"fastify","old_version":"5.4.0","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"6.9.9","new_version":"8.0.7","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"vite","old_version":"6.3.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"5.7.2","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"@fastify/static","old_version":"8.2.0","new_version":"9.1.3","repository_url":"https://github.com/fastify/fastify-static"},{"name":"@supabase/auth-js","old_version":"2.69.1","new_version":"2.105.3","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"protobufjs","old_version":"7.5.3","new_version":"7.5.6","repository_url":"https://github.com/protobufjs/protobuf.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.8.3` | `1.16.0` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.16.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [fastify](https://github.com/fastify/fastify) | `5.4.0` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `6.9.9` | `8.0.7` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.6` | `6.4.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.7.2` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.2.0` | `9.1.3` |\n| [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js) | `2.69.1` | `2.105.3` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [protobufjs](https://github.com/protobufjs/protobuf.js) | `7.5.3` | `7.5.6` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-ses directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sns directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/amazon-sqs directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/clarifai directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/contentful directory: [axios](https://github.com/axios/axios) and [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/image-helper directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/jira-cloud directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 3 updates in the /packages/pieces/community/mailchain directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [lodash](https://github.com/lodash/lodash) and [protobufjs](https://github.com/protobufjs/protobuf.js).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/pdf directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/scrapeless directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp) and [ip-address](https://github.com/beaugunderson/ip-address).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/shared directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\nBumps the npm_and_yarn group with 2 updates in the /packages/server/worker directory: [axios](https://github.com/axios/axios) and [fastify](https://github.com/fastify/fastify).\n\nUpdates `axios` from 1.8.3 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFetch adapter now enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e and \u003ccode\u003emaxContentLength\u003c/code\u003e.\u003c/strong\u003e These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy requests now preserve user-supplied \u003ccode\u003eHost\u003c/code\u003e headers.\u003c/strong\u003e Previously, the proxy path could overwrite a custom \u003ccode\u003eHost\u003c/code\u003e. Virtual-host-style routing through a proxy will now behave correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBasic auth credentials embedded in URLs are now URL-decoded.\u003c/strong\u003e If you have percent-encoded credentials in a URL (e.g. \u003ccode\u003ehttps://user:p%40ss@host\u003c/code\u003e), the decoded value is what now goes on the wire. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eparseProtocol\u003c/code\u003e now strictly requires a colon in the protocol separator.\u003c/strong\u003e Strings that loosely parsed as protocols before may no longer match. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003eunescape()\u003c/code\u003e replaced with modern UTF-8 encoding.\u003c/strong\u003e Non-ASCII URL handling is now spec-correct; consumers depending on legacy \u003ccode\u003eunescape()\u003c/code\u003e quirks may see different output bytes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003etransformRequest\u003c/code\u003e input typing change was reverted.\u003c/strong\u003e The typing change introduced in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e was reverted in \u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e after follow-up review — net behavior is unchanged from 1.15.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eQUERY HTTP Method:\u003c/strong\u003e Added support for the QUERY HTTP method across adapters and type definitions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10802\"\u003e#10802\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eECONNREFUSED Error Constant:\u003c/strong\u003e Exposed \u003ccode\u003eECONNREFUSED\u003c/code\u003e as a constant on \u003ccode\u003eAxiosError\u003c/code\u003e so callers can match connection-refused failures without comparing string literals (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/6485\"\u003e#6485\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEncode Helper Export:\u003c/strong\u003e Exported the internal \u003ccode\u003eencode\u003c/code\u003e helper from \u003ccode\u003ebuildURL\u003c/code\u003e so userland param serializers can reuse the same encoding logic that axios uses internally. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6897\"\u003e#6897\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Redirects \u0026amp; Headers:\u003c/strong\u003e Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing \u003ccode\u003erequestDetails\u003c/code\u003e argument on \u003ccode\u003ebeforeRedirect\u003c/code\u003e, preserved user-supplied \u003ccode\u003eHost\u003c/code\u003e headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10794\"\u003e#10794\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10800\"\u003e#10800\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6241\"\u003e#6241\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10822\"\u003e#10822\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter — Streams \u0026amp; Timeouts:\u003c/strong\u003e Preserved the partial response object on \u003ccode\u003eAxiosError\u003c/code\u003e when a stream is aborted after headers arrive, honoured the \u003ccode\u003etimeout\u003c/code\u003e option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and \u003ccode\u003emaxRedirects: 0\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10708\"\u003e#10708\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7149\"\u003e#7149\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Enforced \u003ccode\u003emaxBodyLength\u003c/code\u003e / \u003ccode\u003emaxContentLength\u003c/code\u003e in the fetch adapter, set the \u003ccode\u003eUser-Agent\u003c/code\u003e header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a \u003ccode\u003eTypeError\u003c/code\u003e in restricted environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10795\"\u003e#10795\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10772\"\u003e#10772\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10806\"\u003e#10806\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Adapter:\u003c/strong\u003e Unsubscribed the \u003ccode\u003ecancelToken\u003c/code\u003e and \u003ccode\u003eAbortSignal\u003c/code\u003e listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e Attached the parsed response to \u003ccode\u003eAxiosError\u003c/code\u003e when \u003ccode\u003eJSON.parse\u003c/code\u003e fails inside \u003ccode\u003edispatchRequest\u003c/code\u003e, prevented \u003ccode\u003esettle\u003c/code\u003e from emitting \u003ccode\u003eundefined\u003c/code\u003e error codes, and tightened the \u003ccode\u003eparseProtocol\u003c/code\u003e regex to require a colon in the protocol separator. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10724\"\u003e#10724\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes \u0026amp; Exports:\u003c/strong\u003e Aligned the CommonJS \u003ccode\u003eCancelToken\u003c/code\u003e typings with the ESM build, fixed a compiler error caused by \u003ccode\u003eRawAxiosHeaders\u003c/code\u003e, and re-exported \u003ccode\u003ecreate\u003c/code\u003e from the package index. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7414\"\u003e#7414\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6389\"\u003e#6389\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6460\"\u003e#6460\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUTF-8 Encoding:\u003c/strong\u003e Replaced the deprecated \u003ccode\u003eunescape()\u003c/code\u003e call with a modern UTF-8 encoding implementation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7378\"\u003e#7378\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMisc Cleanup:\u003c/strong\u003e Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRefactor — ES6 Modernisation:\u003c/strong\u003e Modernised the \u003ccode\u003eutils\u003c/code\u003e module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Hardened the HTTP test server lifecycle to fix flaky \u003ccode\u003eFormData\u003c/code\u003e EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10820\"\u003e#10820\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10791\"\u003e#10791\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10796\"\u003e#10796\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs:\u003c/strong\u003e Documented \u003ccode\u003eparamsSerializer.encode\u003c/code\u003e for strict RFC 3986 query encoding, updated the \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10821\"\u003e#10821\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10782\"\u003e#10782\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10759\"\u003e#10759\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10804\"\u003e#10804\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReverted:\u003c/strong\u003e Reverted the \u003ccode\u003etransformRequest\u003c/code\u003e input typing change from \u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e after follow-up review. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10745\"\u003e#10745\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10810\"\u003e#10810\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eactions/setup-node\u003c/code\u003e, the \u003ccode\u003egithub-actions\u003c/code\u003e group, and \u003ccode\u003epostcss\u003c/code\u003e (in \u003ccode\u003e/docs\u003c/code\u003e) to their latest versions. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10785\"\u003e#10785\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10813\"\u003e#10813\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10814\"\u003e#10814\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease:\u003c/strong\u003e Updated changelog and packages, and prepared the 1.16.0 release. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10790\"\u003e#10790\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/singhankit001\"\u003e\u003ccode\u003e@​singhankit001\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10588\"\u003e#10588\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7419\"\u003e#7419\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/iruizsalinas\"\u003e\u003ccode\u003e@​iruizsalinas\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10787\"\u003e#10787\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/MarcosNocetti\"\u003e\u003ccode\u003e@​MarcosNocetti\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10680\"\u003e#10680\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/deepview-autofix\"\u003e\u003ccode\u003e@​deepview-autofix\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10729\"\u003e#10729\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/df53d7dd99b202fb194217abd127ae6a630e70dc\"\u003e\u003ccode\u003edf53d7d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10834\"\u003e#10834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9d92bcd32639d1eea5b89f03ae45f248d3bb058e\"\u003e\u003ccode\u003e9d92bcd\u003c/code\u003e\u003c/a\u003e fix: gadgets and smaller issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10833\"\u003e#10833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5107ee69aee527b19eabaf80000ca65752135435\"\u003e\u003ccode\u003e5107ee6\u003c/code\u003e\u003c/a\u003e fix: prevent undefined error codes in settle (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7276\"\u003e#7276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e57349992f230b6b13e80613eb84302560aa5ba8\"\u003e\u003ccode\u003ee573499\u003c/code\u003e\u003c/a\u003e fix(fetch): defer global access in fetch adapter (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7260\"\u003e#7260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ad68e1a484b50086af427f767bbd7d6e3aab7ac3\"\u003e\u003ccode\u003ead68e1a\u003c/code\u003e\u003c/a\u003e fix(http): honor timeout during connect without redirects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10819\"\u003e#10819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2a51828213128691d2e37502b5eb2cf4965a737d\"\u003e\u003ccode\u003e2a51828\u003c/code\u003e\u003c/a\u003e fix(http): decode URL basic auth credentials (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10825\"\u003e#10825\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0e8b6bbb542131bae9940618d84d5286255d4db1\"\u003e\u003ccode\u003e0e8b6bb\u003c/code\u003e\u003c/a\u003e fix(http): preserve user-supplied Host header when forwarding through a proxy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/79f39e1d041dca87173226d0255f90eaf252564b\"\u003e\u003ccode\u003e79f39e1\u003c/code\u003e\u003c/a\u003e docs: document paramsSerializer.encode for strict RFC 3986 query encoding (\u003ca href=\"https://redirect.github.com/axios/axios/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0fe3a5fc14829535e1d517c662d448e86c33438e\"\u003e\u003ccode\u003e0fe3a5f\u003c/code\u003e\u003c/a\u003e [Docs/Types] Update \u003ccode\u003eparseReviver\u003c/code\u003e TypeScript definitions for ES2023 and add ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/cd6737fd84bdb7caf2a319d3579573a49f9d238d\"\u003e\u003ccode\u003ecd6737f\u003c/code\u003e\u003c/a\u003e chore: matches the sibling responseStream.on(aborted) handler and added tests...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Protect against unbounded control response, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rpmf-866q-6p89\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Introduced an upper bound for total bytes of directory listing, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-rp42-5vxx-qpwr\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded: Option to increase the upper bound for total bytes of directory listing in Client constructor.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/980371bb6057d78d479b5cfc18683392abd2c45f\"\u003e\u003ccode\u003e980371b\u003c/code\u003e\u003c/a\u003e Guard against unbounded control response\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/50827c73ca6c1d786c97276e47be8a33d0f2277d\"\u003e\u003ccode\u003e50827c7\u003c/code\u003e\u003c/a\u003e Adjust changelog to match release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/c9378a8ff73b96e89f17525266d648ce495286a6\"\u003e\u003ccode\u003ec9378a8\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/22abe4356782f499d97418f0a7a2c3bb02db72b7\"\u003e\u003ccode\u003e22abe43\u003c/code\u003e\u003c/a\u003e Update Github Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0feaaec3d4394bb3470edd006df933d2b6e64689\"\u003e\u003ccode\u003e0feaaec\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6629d7d7abe9169543a8ff60a6dc32e6fe7cf91c\"\u003e\u003ccode\u003e6629d7d\u003c/code\u003e\u003c/a\u003e Improve error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9c3bf4f893470cd2418b54862eb9b609efc3d335\"\u003e\u003ccode\u003e9c3bf4f\u003c/code\u003e\u003c/a\u003e Set higher default value for max size of directory listing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/acd3942c81ac27caf998b0ed13f3ce85c0fc6320\"\u003e\u003ccode\u003eacd3942\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/130442932b1ef27a550c915f231c07eae01e665a\"\u003e\u003ccode\u003e1304429\u003c/code\u003e\u003c/a\u003e Offer maxListingBytes as an option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5cb5367e86d8a2991224fb2b82e4933d27c07904\"\u003e\u003ccode\u003e5cb5367\u003c/code\u003e\u003c/a\u003e Add bounded StringWriter\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.4.0 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull...\n\n_Description has been truncated_","html_url":"https://github.com/UniversalStandards/activepieces/pull/91","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/UniversalStandards%2Factivepieces/issues/91","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/91/packages"}}]}