{"id":2535,"name":"ajv","ecosystem":"npm","repository_url":"https://github.com/ajv-validator/ajv","issues_count":6535,"created_at":"2025-06-06T15:02:06.386Z","updated_at":"2025-06-06T15:02:06.386Z","purl":"pkg:npm/ajv","metadata":{"id":1400104,"name":"ajv","ecosystem":"npm","description":"Another JSON Schema Validator","homepage":"https://ajv.js.org","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/ajv-validator/ajv","keywords_array":["JSON","schema","validator","validation","jsonschema","json-schema","json-schema-validator","json-schema-validation"],"namespace":null,"versions_count":355,"first_release_published_at":"2015-05-29T22:33:14.989Z","latest_release_published_at":"2024-07-12T20:42:13.485Z","latest_release_number":"8.17.1","last_synced_at":"2025-06-05T16:30:56.062Z","created_at":"2022-04-08T23:47:16.659Z","updated_at":"2025-06-05T16:33:29.870Z","registry_url":"https://www.npmjs.com/package/ajv","install_command":"npm install ajv","documentation_url":null,"metadata":{"funding":{"type":"github","url":"https://github.com/sponsors/epoberezkin"},"dist-tags":{"4.x":"4.11.8","beta":"8.11.1","latest":"8.17.1"}},"repo_metadata":{"id":32338582,"uuid":"35914020","full_name":"ajv-validator/ajv","owner":"ajv-validator","description":"The fastest JSON schema Validator. Supports JSON Schema draft-04/06/07/2019-09/2020-12 and JSON Type Definition (RFC8927)","archived":false,"fork":false,"pushed_at":"2024-12-16T00:07:28.000Z","size":37489,"stargazers_count":14218,"open_issues_count":297,"forks_count":893,"subscribers_count":112,"default_branch":"master","last_synced_at":"2025-06-02T18:28:46.021Z","etag":null,"topics":["ajv","json-schema","validator"],"latest_commit_sha":null,"homepage":"https://ajv.js.org","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ajv-validator.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"docs/security.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"epoberezkin","tidelift":"npm/ajv","open_collective":"ajv"}},"created_at":"2015-05-19T23:23:32.000Z","updated_at":"2025-05-31T01:23:31.000Z","dependencies_parsed_at":"2023-12-21T16:45:43.173Z","dependency_job_id":"dc397f74-c592-45e0-84f9-d2434532fd44","html_url":"https://github.com/ajv-validator/ajv","commit_stats":{"total_commits":2282,"total_committers":211,"mean_commits":"10.815165876777252","dds":"0.22830850131463631","last_synced_commit":"82735a15826a30cc51e97a1bbfb59b3d388e4b98"},"previous_names":["epoberezkin/ajv"],"tags_count":211,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ajv-validator","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":257693662,"owners_count":22586991,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"ajv-validator","name":"Ajv JSON schema validator","uuid":"46839968","kind":"organization","description":"Ajv: the fastest JSON validator. Supports JSON Schema draft-04/06/07/2019-09/2020-12 and JSON Type Definition (RFC8927)","email":null,"website":"https://ajv.js.org/","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/46839968?v=4","repositories_count":15,"last_synced_at":"2024-05-21T03:29:39.099Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/ajv-validator","funding_links":[],"total_stars":14670,"followers":50,"following":0,"created_at":"2022-11-02T16:18:52.648Z","updated_at":"2024-05-21T03:29:41.137Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ajv-validator","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ajv-validator/repositories"},"tags":[{"name":"v8.17.1","sha":"9050ba1359fb87cd7c143f3c79513ea7624ea443","kind":"commit","published_at":"2024-07-11T17:02:58.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.17.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.17.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.17.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.17.1/manifests"},{"name":"v8.17.0","sha":"f7831b41c3a27064c6219f51a1e7371ffb582dfe","kind":"commit","published_at":"2024-07-10T07:56:10.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.17.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.17.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.17.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.17.0/manifests"},{"name":"v8.16.0","sha":"c8b37f448f77448656222a5a5e279432857f7e9f","kind":"commit","published_at":"2024-06-04T18:25:06.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.16.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.16.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.16.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.16.0/manifests"},{"name":"v8.15.0","sha":"accd9f3ee5e0e688244c1accf7bb13745b513177","kind":"commit","published_at":"2024-06-03T08:49:15.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.15.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.15.0/manifests"},{"name":"v8.14.0","sha":"9e266399cac65e487d57ec0f50b9eb4005261622","kind":"commit","published_at":"2024-05-25T12:39:29.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.14.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.14.0/manifests"},{"name":"v8.13.0","sha":"d123833f610c0dbe033a8b342878f2b44d86b984","kind":"commit","published_at":"2024-04-28T11:13:47.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.13.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.13.0/manifests"},{"name":"v8.12.0","sha":"bf1266a5cc13ab4ead21d5b810da48b49e932a49","kind":"tag","published_at":"2023-01-03T14:03:08.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.12.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.12.0/manifests"},{"name":"v8.11.2","sha":"1f83903975b8a3bb8dbce079d9292f26895114f1","kind":"tag","published_at":"2022-11-13T22:12:12.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.11.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.11.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.11.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.11.2/manifests"},{"name":"v8.11.1","sha":"92e5a1e82f76123712194a01c46e1fc0e77026ce","kind":"tag","published_at":"2022-11-13T22:00:11.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.11.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.11.1/manifests"},{"name":"v8.11.0","sha":"c067d6d9c3285054ea4c0a2d2adbbc8b5d631935","kind":"tag","published_at":"2022-03-22T21:38:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.11.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.11.0/manifests"},{"name":"v8.10.0","sha":"a27f78264ab1c3951d5131f27181d0a50e54aed0","kind":"tag","published_at":"2022-02-04T18:08:18.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.10.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.10.0/manifests"},{"name":"v8.9.0","sha":"979d46b1585a92e4343bf9e4505f61139c3eecf8","kind":"tag","published_at":"2022-01-15T12:46:59.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.9.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.9.0/manifests"},{"name":"v8.8.2","sha":"b2bf7504bab515db60ad276dc015b9c14f775607","kind":"tag","published_at":"2021-11-21T18:45:08.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.8.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.8.2/manifests"},{"name":"v8.8.1","sha":"4cc0cad069a42ef110b8ac01be20c887cc876623","kind":"tag","published_at":"2021-11-16T20:05:42.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.8.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.8.1/manifests"},{"name":"v8.8.0","sha":"62048a170893d51451d10b05eb13587a5a27a562","kind":"tag","published_at":"2021-11-13T18:21:14.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.8.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.8.0/manifests"},{"name":"v8.7.1","sha":"8fccddb4161cfe4d63f2b8987d58f6c10a6bf005","kind":"tag","published_at":"2021-11-08T20:43:09.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.7.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.7.1/manifests"},{"name":"v8.7.0","sha":"da46e38a0d4bc85e1c891dcc3ab526fc28961d18","kind":"tag","published_at":"2021-11-08T19:51:42.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.7.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.7.0/manifests"},{"name":"v8.6.3","sha":"760fd100cd36df29c7fda41a23aad0ed537dfa58","kind":"tag","published_at":"2021-09-12T18:09:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.6.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.3/manifests"},{"name":"v8.6.2","sha":"a04657014022c9ecb9ae0738b2ac07cb0d76cf3f","kind":"commit","published_at":"2021-07-15T19:56:01.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.6.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.2/manifests"},{"name":"v8.6.1","sha":"9166e38f9ee7e125e283890c60a594d18bb63614","kind":"tag","published_at":"2021-07-04T09:43:16.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.6.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.1/manifests"},{"name":"v8.6.0","sha":"f8708387a5be62fbd0becc0cedfc580021a5c5da","kind":"tag","published_at":"2021-06-06T14:48:03.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.6.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.6.0/manifests"},{"name":"v8.5.0","sha":"be07d3d8c0aac8fffe68378d25bdd892c61ba2e5","kind":"tag","published_at":"2021-05-20T13:18:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.5.0/manifests"},{"name":"v8.4.0","sha":"84abab262528969bc19879f86039be116df10964","kind":"tag","published_at":"2021-05-14T19:50:59.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.4.0/manifests"},{"name":"v8.3.0","sha":"dec89097def11e48d2de94e3e214405f18658986","kind":"tag","published_at":"2021-05-09T11:24:25.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.3.0/manifests"},{"name":"v8.2.0","sha":"2123bf28c9ce9a948c32301ef5b2ed33359e3742","kind":"tag","published_at":"2021-04-27T14:41:46.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.2.0/manifests"},{"name":"v8.1.0","sha":"df07f668131c6670e9ed624f60d6419a4da9a3c8","kind":"tag","published_at":"2021-04-11T16:36:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.1.0/manifests"},{"name":"v8.0.5","sha":"b5642ea8655c3922de7f2403cc99d668871d35fb","kind":"tag","published_at":"2021-04-02T15:30:55.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.5/manifests"},{"name":"v8.0.4","sha":"facbb231b726ba4cb5b879432f3dc9a9d9750acb","kind":"tag","published_at":"2021-04-02T12:30:04.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.4/manifests"},{"name":"v8.0.3","sha":"f16edb153976fcb2541144715d309d4f9e94d8ee","kind":"tag","published_at":"2021-04-01T06:52:56.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.3/manifests"},{"name":"v8.0.2","sha":"24dba5c0795f9c01c74e60c7407c5aa33a2da2e9","kind":"tag","published_at":"2021-03-31T07:44:20.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.2/manifests"},{"name":"v8.0.1","sha":"022874f855feef8ca585407e2bc5190f7bfdc542","kind":"commit","published_at":"2021-03-27T22:33:33.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.1/manifests"},{"name":"v8.0.0","sha":"d7428bed95f5f1a5863ab501c8a59bddc06f49ff","kind":"commit","published_at":"2021-03-27T11:42:54.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0/manifests"},{"name":"v7.2.4","sha":"d6585481ab698d914639c8a7c379c164498fcba6","kind":"tag","published_at":"2021-03-26T08:10:03.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.2.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.4/manifests"},{"name":"v8.0.0-beta.4","sha":"3570c90881ae609da2a4fd130c728b40ef3ef645","kind":"commit","published_at":"2021-03-23T07:35:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.0-beta.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.0-beta.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.4/manifests"},{"name":"v8.0.0-beta.3","sha":"d80b6cde4a585be54c678421af5303b87c229c39","kind":"commit","published_at":"2021-03-21T18:27:35.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.0-beta.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.0-beta.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.3/manifests"},{"name":"v7.2.3","sha":"1b07663f3954b48892c7210196f7c6ba08000091","kind":"tag","published_at":"2021-03-20T06:51:10.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.2.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.3/manifests"},{"name":"v7.2.2","sha":"678f243d7b54e224f4aa9c61305ddc1a59cc64fd","kind":"tag","published_at":"2021-03-20T06:33:34.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.2.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.2/manifests"},{"name":"v8.0.0-beta.2","sha":"261eb3ec7efaca5d817471d64b9931d77f9e23ec","kind":"commit","published_at":"2021-03-16T20:11:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.0-beta.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.0-beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.2/manifests"},{"name":"v8.0.0-beta.1","sha":"fbbd2c9e9380f12d52723ed009cf5510e41d3578","kind":"commit","published_at":"2021-03-15T07:40:30.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.0-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.0-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.1/manifests"},{"name":"v8.0.0-beta.0","sha":"51cbcc2ba07f2d61c47a7a2191913325c8c4a318","kind":"commit","published_at":"2021-03-13T10:48:28.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v8.0.0-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v8.0.0-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v8.0.0-beta.0/manifests"},{"name":"v7.2.1","sha":"dd0eab50fd718249e3c7a0f5e7ed3227dff10e33","kind":"commit","published_at":"2021-03-07T18:31:16.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.2.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.1/manifests"},{"name":"v7.2.0","sha":"9823d1d588762e10a05d5260c83a057eb11be3d8","kind":"commit","published_at":"2021-03-07T09:29:02.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.2.0/manifests"},{"name":"v7.1.1","sha":"77d788f5827669928e6d3b714585b47e5d70971f","kind":"commit","published_at":"2021-02-16T19:05:31.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.1.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.1.1/manifests"},{"name":"v7.1.0","sha":"8ec80c48384abcf8c46617be27201307a2d7c402","kind":"tag","published_at":"2021-02-11T08:08:34.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.1.0/manifests"},{"name":"v7.0.4","sha":"63486ce5aa1f9b942775098ae7228cb2408d245f","kind":"tag","published_at":"2021-02-01T20:54:49.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.4/manifests"},{"name":"v7.0.3","sha":"ca2ae61c489f45fa2ec3ff2ee78b10136cb1ed3c","kind":"tag","published_at":"2021-01-02T10:53:11.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.3/manifests"},{"name":"v7.0.2","sha":"5c28d853673948c86ab3d876a31c14dae9d63d32","kind":"commit","published_at":"2020-12-19T18:35:37.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.2/manifests"},{"name":"v7.0.1","sha":"616a725993d6d271ada3845f8b050ac226f3a217","kind":"commit","published_at":"2020-12-16T19:35:10.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.1/manifests"},{"name":"v7.0.0","sha":"cd7c6a8385464f818814ebb1e84cc703dc7ef02c","kind":"tag","published_at":"2020-12-15T19:04:15.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0/manifests"},{"name":"v7.0.0-rc.5","sha":"12690aca66cbca594a16d85f2a0ce961f9b1877c","kind":"commit","published_at":"2020-12-14T19:59:44.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-rc.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-rc.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.5/manifests"},{"name":"v7.0.0-rc.4","sha":"82d052175ceef1e4b5c1890f60fc4c4b5f6e5ef2","kind":"commit","published_at":"2020-12-14T19:30:45.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-rc.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-rc.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.4/manifests"},{"name":"v7.0.0-rc.3","sha":"680532989543b60b449658aec35b33f7c07ca937","kind":"commit","published_at":"2020-12-14T18:50:00.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-rc.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-rc.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.3/manifests"},{"name":"v7.0.0-rc.2","sha":"3545374786e1c121b0f4aa65f1c2bedfde9cfa04","kind":"commit","published_at":"2020-12-13T19:17:22.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-rc.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-rc.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.2/manifests"},{"name":"v7.0.0-rc.1","sha":"2721434704ca17edcfa801cad43dc2b79d894f13","kind":"commit","published_at":"2020-12-09T20:05:25.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-rc.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-rc.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.1/manifests"},{"name":"v7.0.0-rc.0","sha":"cf39c22267ce6eaea47640efbf4a6a997e0862cf","kind":"commit","published_at":"2020-12-06T15:31:23.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-rc.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-rc.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-rc.0/manifests"},{"name":"v7.0.0-beta.9","sha":"7b4402e285cc572447013942f58f677b8252a0d7","kind":"commit","published_at":"2020-12-02T07:36:37.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.9","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.9/manifests"},{"name":"v7.0.0-beta.8","sha":"2c25b22620a1527b1557f2edaee9b7a226a9877a","kind":"commit","published_at":"2020-11-29T19:22:10.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.8","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.8/manifests"},{"name":"v7.0.0-beta.7","sha":"b9f674e3e8156d554595d3d606cfe2ffa4ca56a5","kind":"commit","published_at":"2020-11-22T11:24:34.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.7","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.7/manifests"},{"name":"v7.0.0-beta.6","sha":"2c4e5bb89c577a6f2d6f10abf8552b92acd00af1","kind":"commit","published_at":"2020-11-16T20:52:19.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.6","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.6/manifests"},{"name":"v7.0.0-beta.5","sha":"5ba3462b5c13a90ab2ff157577a53c12bff9fdc6","kind":"commit","published_at":"2020-11-15T16:34:01.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.5/manifests"},{"name":"v7.0.0-beta.4","sha":"a416acec42beeb8a0e706779b0d40dff77c319e6","kind":"commit","published_at":"2020-11-10T07:31:16.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.4/manifests"},{"name":"v7.0.0-beta.3","sha":"8bedd820360e0f6be3e9a2ae04059546e58dc5b2","kind":"commit","published_at":"2020-11-05T08:08:53.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.3/manifests"},{"name":"v7.0.0-beta.2","sha":"47263dd74119acf246a519805ebf7d12cdf6a44e","kind":"commit","published_at":"2020-10-24T18:02:59.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.2/manifests"},{"name":"v7.0.0-beta.1","sha":"a010c1f1388df438e220cce4bc7d99dc6042d8af","kind":"commit","published_at":"2020-10-10T17:39:16.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.1/manifests"},{"name":"v6.12.6","sha":"fe591439f34e24030f69df9eb8d91e6d037a3af7","kind":"tag","published_at":"2020-10-10T16:10:43.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.6","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.6/manifests"},{"name":"v7.0.0-beta.0","sha":"16c905b67fecdeb32d46af9980c13e4b68037504","kind":"commit","published_at":"2020-09-23T19:10:50.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-beta.0/manifests"},{"name":"v7.0.0-alpha.1","sha":"4bb210de5cd6f1ba9190b80a26e52ec9eb56bff8","kind":"commit","published_at":"2020-09-16T13:36:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-alpha.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-alpha.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-alpha.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-alpha.1/manifests"},{"name":"v7.0.0-alpha.0","sha":"80f6f5dcfd83774e585a7c85f4173e7645d60037","kind":"commit","published_at":"2020-09-15T14:51:59.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v7.0.0-alpha.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v7.0.0-alpha.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-alpha.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v7.0.0-alpha.0/manifests"},{"name":"v6.12.5","sha":"f1c8e45b9cdff918be28becf03bf0b339321c398","kind":"tag","published_at":"2020-09-13T13:13:49.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.5/manifests"},{"name":"v6.12.4","sha":"cf88d1dc22283dffbfbfed472507fc219b3bdbbb","kind":"tag","published_at":"2020-08-15T07:20:18.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.4/manifests"},{"name":"v6.12.3","sha":"521c3a53f15f5502fb4a734194932535d311267c","kind":"tag","published_at":"2020-07-04T15:45:38.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.3/manifests"},{"name":"v6.12.2","sha":"6a671057ea6aae690b5967ee26a0ddf8452c6297","kind":"tag","published_at":"2020-04-19T23:01:07.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.2/manifests"},{"name":"v6.12.1","sha":"b511ae230f19519d5f16f55cd8959330327adb7a","kind":"tag","published_at":"2020-04-18T19:29:41.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.1/manifests"},{"name":"v6.12.0","sha":"03d0012f0cf35a834933de07d79522fe7ec9e90a","kind":"tag","published_at":"2020-02-22T13:42:02.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.12.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.12.0/manifests"},{"name":"v6.11.0","sha":"03198c2b6d52ec5eb7ffbf7623f05db5372689a1","kind":"tag","published_at":"2020-01-18T09:01:56.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.11.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.11.0/manifests"},{"name":"v6.10.2","sha":"6e4a3464b935053c0a5b65fa27db454367d23b2b","kind":"commit","published_at":"2019-07-14T13:38:33.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.10.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.10.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.10.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.10.2/manifests"},{"name":"v6.10.1","sha":"8b59052aa517d51c763e5eb8fef51487c7042a91","kind":"commit","published_at":"2019-07-06T18:02:54.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.10.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.10.1/manifests"},{"name":"v6.10.0","sha":"6c20483b6690af2c7eb760826f00ed6b37488cbb","kind":"tag","published_at":"2019-03-03T11:11:10.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.10.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.10.0/manifests"},{"name":"v6.9.2","sha":"2aa49aebd4e19c4e4e120424a6ed77990c95e591","kind":"tag","published_at":"2019-02-22T19:53:50.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.9.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.9.2/manifests"},{"name":"v6.9.1","sha":"2fc78ab32ff5311dd110817feabcfdb526d152b6","kind":"tag","published_at":"2019-02-10T08:41:57.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.9.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.9.1/manifests"},{"name":"v6.9.0","sha":"cd404c4c777670b3195a03b9ff6946e35de382db","kind":"tag","published_at":"2019-02-09T22:13:42.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.9.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.9.0/manifests"},{"name":"v6.8.1","sha":"6d4b31e16923ce5b11b56625b79d5bf6f798574a","kind":"tag","published_at":"2019-02-02T20:06:17.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.8.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.8.1/manifests"},{"name":"v6.8.0","sha":"b9f85073382e03fc4d0d6444c42e1673e26d492d","kind":"tag","published_at":"2019-02-02T19:53:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.8.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.8.0/manifests"},{"name":"v6.7.0","sha":"38a9ad4cf9498532190f49fac7245930e649fe58","kind":"tag","published_at":"2019-01-13T17:51:25.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.7.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.7.0/manifests"},{"name":"v6.6.2","sha":"78b77b67290f6cafb2066e2a0e8681d81ca74b0c","kind":"tag","published_at":"2018-12-16T20:56:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.6.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.6.2/manifests"},{"name":"v6.6.1","sha":"1de2a5f5f2f9d412b123a18a0020fb19606456c1","kind":"tag","published_at":"2018-11-29T08:53:18.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.6.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.6.1/manifests"},{"name":"v6.6.0","sha":"d665aab9c9ca9f7ac2eee9c90d268aaa15292038","kind":"tag","published_at":"2018-11-29T06:53:00.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.6.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.6.0/manifests"},{"name":"v6.5.5","sha":"494026e44c3a2f68ae0dae8615549f567b42ba95","kind":"tag","published_at":"2018-11-04T21:31:43.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.5.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.5/manifests"},{"name":"v6.5.4","sha":"8578816435590a9b9f0fc167e677e2ac82b142c0","kind":"tag","published_at":"2018-09-23T10:51:53.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.5.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.4/manifests"},{"name":"v6.5.3","sha":"8e7f47a9f29fc4ba487720c301142d8706a38a8a","kind":"tag","published_at":"2018-08-17T11:34:44.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.5.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.3/manifests"},{"name":"v6.5.2","sha":"88d57fafa25543fd26b11ccf5687c3bd3544f3e8","kind":"tag","published_at":"2018-06-30T18:12:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.5.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.2/manifests"},{"name":"v6.5.1","sha":"0020556493f3d443002596697768f3f047782198","kind":"tag","published_at":"2018-06-10T10:49:06.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.5.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.1/manifests"},{"name":"v6.5.0","sha":"b41f940f557aac0c68bdbc0c34209d5fd81bf2a9","kind":"commit","published_at":"2018-05-08T20:18:06.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.5.0/manifests"},{"name":"v6.4.0","sha":"2a6367426e7dfd5501290891b22ddad8dc628186","kind":"tag","published_at":"2018-03-25T10:25:15.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.4.0/manifests"},{"name":"v6.3.0","sha":"5c063d8cf6dba00ce43d1054e1d394de7330f576","kind":"tag","published_at":"2018-03-17T19:21:30.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.3.0/manifests"},{"name":"v6.2.1","sha":"f0836de250bcd57dc0a5730be7ecd3693ecee1eb","kind":"tag","published_at":"2018-03-03T14:30:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.2.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.2.1/manifests"},{"name":"v6.2.0","sha":"2abd9919fa69112d76e91942753f6288121437ba","kind":"commit","published_at":"2018-02-25T21:36:42.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.2.0/manifests"},{"name":"v6.1.1","sha":"4ec60cf49113e8e00774a1fc6d52c8269231a7bc","kind":"tag","published_at":"2018-01-29T21:32:06.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.1.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.1.1/manifests"},{"name":"v6.1.0","sha":"5a1c6802e67fabca610f8d0bd805b4791c1c7475","kind":"tag","published_at":"2018-01-26T18:48:14.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.1.0/manifests"},{"name":"v6.0.1","sha":"cea2e39b8e27bdc4bdad631b7be666c2baeba934","kind":"tag","published_at":"2018-01-11T21:50:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.1/manifests"},{"name":"v6.0.0","sha":"797dfc8c2b0f51aaa405342916cccb5962dd5f21","kind":"commit","published_at":"2018-01-07T14:46:53.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0/manifests"},{"name":"v5.5.2","sha":"cecd4ecca66abee0441a8277c647856b09454f82","kind":"commit","published_at":"2017-12-16T20:01:47.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.5.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.5.2/manifests"},{"name":"v6.0.0-rc.1","sha":"0cecf17b774e6129b8fe6145e21e21c488e46a2f","kind":"commit","published_at":"2017-12-03T17:35:58.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.0-rc.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.0-rc.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-rc.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-rc.1/manifests"},{"name":"v5.5.1","sha":"63857398b7eb3692515b86e2f51883681c2559c7","kind":"commit","published_at":"2017-12-02T10:09:56.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.5.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.5.1/manifests"},{"name":"v6.0.0-rc.0","sha":"c71fcbf68b7365a16827734b0a01d750d620718b","kind":"commit","published_at":"2017-11-26T10:34:12.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.0-rc.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.0-rc.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-rc.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-rc.0/manifests"},{"name":"v5.5.0","sha":"a53d4e05034bca465640bc235fd97a125e81e1dd","kind":"tag","published_at":"2017-11-24T20:03:16.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.5.0/manifests"},{"name":"v5.4.0","sha":"f336cdaaaea089e03d3901f95181707125a15edd","kind":"tag","published_at":"2017-11-20T20:57:36.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.4.0/manifests"},{"name":"v6.0.0-beta.2","sha":"9a0bf759cfdebd3f0d06533fa35d70b51b5a666a","kind":"commit","published_at":"2017-11-12T09:58:46.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.0-beta.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.0-beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-beta.2/manifests"},{"name":"v6.0.0-beta.1","sha":"a90e574fb6b4bf473151784951ff350bf2f5471e","kind":"commit","published_at":"2017-11-06T09:37:08.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.0-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.0-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-beta.1/manifests"},{"name":"v6.0.0-beta.0","sha":"1e6b1a829c179de569db8c1c1752c73486434a84","kind":"commit","published_at":"2017-11-06T07:38:49.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v6.0.0-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v6.0.0-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v6.0.0-beta.0/manifests"},{"name":"v5.3.0","sha":"256100c76a99249ebdf36a1aa7d296348f0af47d","kind":"tag","published_at":"2017-10-24T18:17:55.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.3.0/manifests"},{"name":"v5.2.5","sha":"991b4bec00480d8abcf6bd7ab6eeab5e4926c3c2","kind":"tag","published_at":"2017-10-24T10:24:27.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.2.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.5/manifests"},{"name":"v5.2.4","sha":"80470c3fae210697a9630a3af0e181cabea5ebf2","kind":"tag","published_at":"2017-10-22T14:19:18.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.2.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.4/manifests"},{"name":"v5.2.3","sha":"e98d031fbdafc8c8f7f7974c26cf3e5d11a083ed","kind":"tag","published_at":"2017-09-25T20:27:57.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.2.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.3/manifests"},{"name":"v5.2.2","sha":"97a3185828bdb4c6649b9786c29949849ce4f73c","kind":"tag","published_at":"2017-07-10T16:54:34.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.2.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.2/manifests"},{"name":"v5.2.1","sha":"8c4d3294226dcfc2ced9b5cbdcb3befca2f97782","kind":"tag","published_at":"2017-07-06T23:09:31.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.2.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.1/manifests"},{"name":"v5.2.0","sha":"23434252296538b7474892a5df883a9a0cead533","kind":"tag","published_at":"2017-06-16T22:53:59.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.2.0/manifests"},{"name":"v5.1.6","sha":"ff9f93a71282a7e8a6a71409dd325660730ec765","kind":"tag","published_at":"2017-06-15T21:20:08.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.6","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.6/manifests"},{"name":"v5.1.5","sha":"526baa57ad0eed295f9571cf0ee84da5847095d3","kind":"tag","published_at":"2017-05-28T19:38:01.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.5/manifests"},{"name":"v5.1.4","sha":"5f1a8fd520e79b4bb2bffd9a3aa7cf353e5e5c01","kind":"tag","published_at":"2017-05-25T20:51:00.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.4/manifests"},{"name":"v5.1.3","sha":"788bb7be57dbed2ada9e17c4a1956d6e817d0750","kind":"tag","published_at":"2017-05-20T20:58:49.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.3/manifests"},{"name":"v5.1.2","sha":"29e62388476aae813379ad09485dadf5e08e6f10","kind":"tag","published_at":"2017-05-19T19:26:27.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.2/manifests"},{"name":"v5.1.1","sha":"a454569236c49758840a3a97173263d2c9c5bcf1","kind":"tag","published_at":"2017-05-14T22:42:02.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.1/manifests"},{"name":"v5.1.0","sha":"d2cb328924ccaaf29091e6939ba7fa818efc9731","kind":"tag","published_at":"2017-05-14T10:41:27.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/v5.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/v5.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/v5.1.0/manifests"},{"name":"5.0.1","sha":"4504e97b0b94bf61a86a1d1b8ebd2021d7dfb86e","kind":"commit","published_at":"2017-04-28T19:27:04.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1/manifests"},{"name":"4.11.8","sha":"de9fad502273ade9bdcf976e418bdd5b61b14a07","kind":"commit","published_at":"2017-04-28T19:05:29.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.11.8","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.11.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.8/manifests"},{"name":"5.0.0","sha":"8641c6b23a04aae7f73ddece698fa598266dc5ae","kind":"commit","published_at":"2017-04-17T14:13:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.0/manifests"},{"name":"4.11.7","sha":"3dd4ff2fee153878881698cf7df3336232a2b5f2","kind":"commit","published_at":"2017-04-17T12:49:18.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.11.7","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.11.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.7/manifests"},{"name":"5.0.4-beta.3","sha":"67dd36a76851dbc0c459e0cfdd9149359b9987d9","kind":"commit","published_at":"2017-04-08T19:51:33.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.4-beta.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.4-beta.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.4-beta.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.4-beta.3/manifests"},{"name":"4.11.6","sha":"75653f78b2a7ef338f8a17a51f0c5cdb79e6e5a3","kind":"commit","published_at":"2017-04-07T22:45:52.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.11.6","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.11.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.6/manifests"},{"name":"5.0.4-beta.1","sha":"3f9ab644908f7d09567c71436db95a4703ff1b21","kind":"commit","published_at":"2017-03-19T18:55:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.4-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.4-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.4-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.4-beta.1/manifests"},{"name":"5.0.4-beta.0","sha":"2daf58713f8393a42cafb2b08e6e6de2de424dc5","kind":"commit","published_at":"2017-03-12T17:48:36.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.4-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.4-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.4-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.4-beta.0/manifests"},{"name":"5.0.3-beta.0","sha":"bca33bf3fedd31218f031143333ca299ffad146b","kind":"commit","published_at":"2017-02-28T20:49:28.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.3-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.3-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.3-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.3-beta.0/manifests"},{"name":"5.0.2-beta.0","sha":"1a949eeea3862e8d8898b527baaa594f0f34a654","kind":"commit","published_at":"2017-02-12T19:24:46.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.2-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.2-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.2-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.2-beta.0/manifests"},{"name":"5.0.1-beta.3","sha":"3bd2587b043e5e194b7ee23da4c95fdfa5c1f450","kind":"commit","published_at":"2017-02-04T22:47:07.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.1-beta.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.1-beta.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.3/manifests"},{"name":"5.0.1-beta.2","sha":"e949b8462ce3298a92acbb8a532f6ff07d4a47ab","kind":"commit","published_at":"2017-01-23T20:16:38.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.1-beta.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.1-beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.2/manifests"},{"name":"4.11.0","sha":"9e1c8d7576cdaf9c7ed669cfa6cca25c663b5463","kind":"commit","published_at":"2017-01-20T23:53:44.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.11.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.11.0/manifests"},{"name":"5.0.1-beta.1","sha":"2cc48296f5122da642d248a5a0763f85443bd324","kind":"commit","published_at":"2017-01-20T23:43:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.1-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.1-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.1/manifests"},{"name":"5.0.1-beta.0","sha":"187ba176f36ab277cd3bcc670279dc54f67431df","kind":"commit","published_at":"2016-12-31T00:12:05.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.1-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.1-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.1-beta.0/manifests"},{"name":"4.10.0","sha":"8a470f32df444e662e84d772424e3fd87c747d04","kind":"commit","published_at":"2016-12-11T12:38:13.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.10.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.10.0/manifests"},{"name":"5.0.0-beta.1","sha":"2a2f8d0e9cfa14144dbb732258efe6b327723cf2","kind":"commit","published_at":"2016-11-30T21:06:57.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.0-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.0-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.0-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.0-beta.1/manifests"},{"name":"4.9.0","sha":"c6127ee8354acd991148a629db23f1ae2d68aca7","kind":"commit","published_at":"2016-11-14T20:49:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.9.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.9.0/manifests"},{"name":"5.0.0-beta.0","sha":"d0c5a3904d4e6248bc4f8ea1a4bf417ce228c3e2","kind":"commit","published_at":"2016-11-08T19:00:41.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/5.0.0-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/5.0.0-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.0-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/5.0.0-beta.0/manifests"},{"name":"4.8.0","sha":"14857ac0253743f455beb7da1585e34ef5ad52ba","kind":"commit","published_at":"2016-10-16T16:30:18.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.8.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.8.0/manifests"},{"name":"4.7.0","sha":"1129dfad0f95619788ce2fd8494d6bbe658e41a9","kind":"commit","published_at":"2016-09-06T21:10:36.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.7.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.7.0/manifests"},{"name":"4.6.0","sha":"76ce06c6f33a0331b8c299836c483533c7fcdc8a","kind":"commit","published_at":"2016-08-29T22:05:34.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.6.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.6.0/manifests"},{"name":"4.5.0","sha":"7e7219212d0999f84dc7531d8b5c0388f5cf6dec","kind":"commit","published_at":"2016-08-15T20:53:09.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.5.0/manifests"},{"name":"4.4.0","sha":"87c6cc7b713587ded331e28aa23bc9ca9dadac94","kind":"commit","published_at":"2016-08-07T11:32:35.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.4.0/manifests"},{"name":"4.3.0","sha":"a382ec8edffe3ac1c5edfc96ee527d91853ae681","kind":"commit","published_at":"2016-07-28T21:32:08.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.3.0/manifests"},{"name":"4.2.0","sha":"b7535d4a6965097d4f2d2cda466e882dc7ea668b","kind":"commit","published_at":"2016-07-22T14:43:09.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.2.0/manifests"},{"name":"4.1.0","sha":"9a9ba827297fa216f31d483ec75d3036d34d7ad2","kind":"commit","published_at":"2016-05-27T20:21:11.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.1.0/manifests"},{"name":"4.0.0","sha":"bc8d9a9d3f40819bd72bd5aa6d9b4011590915b8","kind":"commit","published_at":"2016-04-15T22:48:05.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/4.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/4.0.0/manifests"},{"name":"3.8.0","sha":"7399e441d0bea7e8345596f71e7d7750f9dc62e6","kind":"commit","published_at":"2016-02-28T23:00:14.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.8.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.8.0/manifests"},{"name":"3.7.2","sha":"545cfcb187dd2b10b0f4b96d3f56ded4a990b625","kind":"commit","published_at":"2016-02-24T09:23:09.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.7.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.7.2/manifests"},{"name":"3.7.0","sha":"8fa4d0f05f86be95c99f637a23f88e2e768282c2","kind":"commit","published_at":"2016-02-16T10:12:32.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.7.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.7.0/manifests"},{"name":"3.6.0","sha":"a0a172c90a72f13e0bb891ae9903fbd7996899c9","kind":"commit","published_at":"2016-02-13T20:14:04.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.6.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.6.0/manifests"},{"name":"3.5.0","sha":"9c40ac0388f16064399575587c5be69eb9f628df","kind":"commit","published_at":"2016-02-01T18:18:56.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.5.0/manifests"},{"name":"3.4.0","sha":"d1ca4874c099f9f40956010e7652897d145d2cb8","kind":"commit","published_at":"2016-01-17T15:05:01.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.4.0/manifests"},{"name":"3.3.0","sha":"c99d6751adca80869ae92567685e21e80cd4ea6e","kind":"commit","published_at":"2016-01-15T06:54:53.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.3.0/manifests"},{"name":"3.2.2","sha":"37dd0415da585432f2afaa3d24d74c1b20cd548b","kind":"commit","published_at":"2016-01-13T22:23:32.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.2.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.2.2/manifests"},{"name":"3.2.1","sha":"aad43df008360fc970a9f749c8bae3a6c41718cc","kind":"commit","published_at":"2016-01-13T14:23:04.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.2.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.2.1/manifests"},{"name":"3.2.0","sha":"6da67585011992c00e0919a74a7f67bb4b81bc54","kind":"commit","published_at":"2016-01-09T14:51:17.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.2.0/manifests"},{"name":"3.1.0","sha":"5f2cc30449d81a7d10148567f3f1ed038b00718e","kind":"commit","published_at":"2016-01-02T17:16:01.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.1.0/manifests"},{"name":"3.0.0","sha":"bb2e1d93c221d4b0037685f7375f5f0f16dee4f3","kind":"commit","published_at":"2015-12-27T21:47:01.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/3.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/3.0.0/manifests"},{"name":"2.5.0","sha":"4ff5662f78b163707050d05e66a47089f321ce8d","kind":"commit","published_at":"2015-12-19T18:59:39.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.5.0/manifests"},{"name":"2.4.0","sha":"16b6ee5f95bd7298e234846e4f2b3d301a9bf5da","kind":"commit","published_at":"2015-12-12T21:49:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.4.0/manifests"},{"name":"2.3.0","sha":"7c7abbbc747adac02cbbb92cf37c96472a936b5b","kind":"commit","published_at":"2015-12-11T21:35:14.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.3.0/manifests"},{"name":"2.2.0","sha":"d7fd8229a96e8562561246e44bf1bd142dc038e9","kind":"commit","published_at":"2015-12-05T21:16:28.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.2.0/manifests"},{"name":"2.1.0","sha":"7d96e1b642406506e780794a7935fe59de852dbb","kind":"commit","published_at":"2015-11-28T14:59:08.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.1.0/manifests"},{"name":"2.0.0","sha":"f3d053615f3d9c3e768f9264bcfda91a3e9e8115","kind":"commit","published_at":"2015-11-22T01:03:56.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0/manifests"},{"name":"2.0.0-beta.2","sha":"650505a6e1f16cb5947e8018f688619469e32e30","kind":"commit","published_at":"2015-11-17T22:23:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.0.0-beta.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.0.0-beta.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0-beta.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0-beta.2/manifests"},{"name":"1.4.10","sha":"9e32fd55eee1612e547a73c3cca95bcd0664eb2e","kind":"commit","published_at":"2015-11-17T20:32:11.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.10","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.10/manifests"},{"name":"2.0.0-beta.1","sha":"00a626b017529c445a1a65684ec719953306e710","kind":"commit","published_at":"2015-11-14T22:47:04.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.0.0-beta.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.0.0-beta.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0-beta.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0-beta.1/manifests"},{"name":"2.0.0-beta.0","sha":"417533cb4af4685dc7579df6e5e395f54c02ae91","kind":"commit","published_at":"2015-11-13T12:26:20.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/2.0.0-beta.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/2.0.0-beta.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0-beta.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/2.0.0-beta.0/manifests"},{"name":"1.4.9","sha":"368332ab42d7b1cdc708d69ed314490cecc17a74","kind":"commit","published_at":"2015-11-07T13:53:41.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.9","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.9/manifests"},{"name":"1.4.8","sha":"7b142c56bd94ab79d2e1320e6a99703b2dce384a","kind":"commit","published_at":"2015-10-25T21:55:07.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.8","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.8/manifests"},{"name":"1.4.7","sha":"c4bf67cab06dbf306e9b2ff9737f6d9d19f937a9","kind":"commit","published_at":"2015-10-25T11:31:07.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.7","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.7/manifests"},{"name":"1.4.6","sha":"70844207cf920953908547b650c47ea52426ce22","kind":"commit","published_at":"2015-10-25T00:03:19.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.6","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.6/manifests"},{"name":"1.4.5","sha":"50d30a262af7b3ecdd2de1bdc6a85f55e08630e2","kind":"commit","published_at":"2015-10-15T17:53:55.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.5","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.5/manifests"},{"name":"1.4.4","sha":"365945043840ecbb56b4bb76852ed9df8f6d89a3","kind":"commit","published_at":"2015-10-13T18:39:03.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.4/manifests"},{"name":"1.4.3","sha":"aedc47cbbfb5ffa3bb60d7742e14051ff15d7e6a","kind":"commit","published_at":"2015-10-02T21:15:03.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.3","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.3/manifests"},{"name":"1.4.2","sha":"a67b661e10e6881ee1196273ade4727ab5446a6e","kind":"commit","published_at":"2015-09-23T22:42:33.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.2/manifests"},{"name":"1.4.1","sha":"9903881a8f496c06ea10f93ed59c603448063a8b","kind":"commit","published_at":"2015-09-22T22:17:00.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.1/manifests"},{"name":"1.4.0","sha":"34993de951c7b00b05f1a27a6e37e1ccd9a46ef9","kind":"commit","published_at":"2015-09-13T00:01:20.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.4.0/manifests"},{"name":"1.3.2","sha":"6723287c3e8b4464f5ca65ad68fbb7d604c7012a","kind":"commit","published_at":"2015-09-07T08:58:33.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.3.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.3.2/manifests"},{"name":"1.3.1","sha":"fe097794a989358b030702c154b8937e9d555d7b","kind":"commit","published_at":"2015-09-02T23:17:50.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.3.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.3.1/manifests"},{"name":"1.3.0","sha":"4dc6cbecb9efb2cef8bf5d60916b82cf4cf35837","kind":"commit","published_at":"2015-09-02T22:50:25.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.3.0/manifests"},{"name":"1.2.1","sha":"d99e707a69543a72abe0ed71505edff4bcbc6db8","kind":"commit","published_at":"2015-08-23T23:40:27.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.2.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.2.1/manifests"},{"name":"1.2.0","sha":"44e1af15f10491528c048397f9bc70fc90bda569","kind":"commit","published_at":"2015-08-23T20:33:21.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.2.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.2.0/manifests"},{"name":"1.1.1","sha":"6d37952a8ab59f4b088b5eb8143b9b8c7b581be6","kind":"commit","published_at":"2015-08-23T10:43:11.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.1.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.1.1/manifests"},{"name":"1.1.0","sha":"14c6426a55f1836915aa9b8331001e691380ecd6","kind":"tag","published_at":"2015-08-22T21:23:02.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.1.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.1.0/manifests"},{"name":"1.0.1","sha":"5c15acc41998f86cc7f1ba5f066055448ee9d89d","kind":"commit","published_at":"2015-08-21T22:38:33.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.0.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.0.1/manifests"},{"name":"1.0.0","sha":"2598a4da84db87337ba5f57538f97cded575c7ef","kind":"commit","published_at":"2015-08-16T22:20:32.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/1.0.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/1.0.0/manifests"},{"name":"0.7.0","sha":"dfa640a1b2737d711d75dd82dee60b0a3ac0be9f","kind":"commit","published_at":"2015-08-09T11:49:05.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.7.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.7.0/manifests"},{"name":"0.6.11","sha":"62adbbe1ed96899e8f54ac5f3d315dc0370d6c8d","kind":"commit","published_at":"2015-07-31T18:23:35.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.6.11","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.6.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.11/manifests"},{"name":"0.6.10","sha":"232a7aeb495892894b29220b65da520489ddf5fa","kind":"commit","published_at":"2015-07-30T08:21:36.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.6.10","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.6.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.10/manifests"},{"name":"0.6.9","sha":"a7886e31e2b0420c88098ed966500e15f82b7bb9","kind":"commit","published_at":"2015-07-26T09:59:36.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.6.9","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.6.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.9/manifests"},{"name":"0.6.1","sha":"5416eaf86de51bd0991a88dd67a22ae78e9fde9e","kind":"commit","published_at":"2015-06-30T23:30:57.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.6.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.1/manifests"},{"name":"0.6.0","sha":"1cbcade81f4ad8a532367e105a48899911eec15f","kind":"commit","published_at":"2015-06-24T00:28:40.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.6.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.6.0/manifests"},{"name":"0.5.11","sha":"391d60482c09193fe78060c67b24409038b78fcb","kind":"commit","published_at":"2015-06-23T16:26:03.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.5.11","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.5.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.11/manifests"},{"name":"0.5.9","sha":"4a26b40e9ff1e7aeb4debb833423abbcda846990","kind":"commit","published_at":"2015-06-20T17:46:51.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.5.9","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.5.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.9/manifests"},{"name":"0.5.6","sha":"4e1f0e54c44f2fe5d3adf1111f3a5c169556e70d","kind":"commit","published_at":"2015-06-18T23:59:53.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.5.6","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.6/manifests"},{"name":"0.5.2","sha":"9931223dd9434f4dd75b73bd990d7104bcc78cdd","kind":"commit","published_at":"2015-06-17T14:52:24.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.5.2","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.2/manifests"},{"name":"0.5.1","sha":"5f36f17f63219bcceed2f2f1bf3e758eebe23444","kind":"commit","published_at":"2015-06-17T13:42:13.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.5.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.1/manifests"},{"name":"0.5.0","sha":"5b434b426e27953bb82819c3a0037c41e5532fea","kind":"commit","published_at":"2015-06-17T01:05:52.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.5.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.5.0/manifests"},{"name":"0.4.14","sha":"0576ea986e1213bf025f646b6a7bfd3232b4f47a","kind":"commit","published_at":"2015-06-16T21:19:26.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.4.14","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.4.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.14/manifests"},{"name":"0.4.4","sha":"9dfa073e2822e65193a3bbcc78e69bb13385a43e","kind":"commit","published_at":"2015-06-14T08:04:11.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.4.4","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.4/manifests"},{"name":"0.4.1","sha":"60b186402f0a4c33bc4fc4684c05892d54334e43","kind":"commit","published_at":"2015-06-13T12:55:23.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.4.1","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.1/manifests"},{"name":"0.4.0","sha":"0b3806fd18bd1bc30725865502224382264b4702","kind":"commit","published_at":"2015-06-13T12:01:05.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.4.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.4.0/manifests"},{"name":"0.3.8","sha":"80b04dfc4ca9d4ed867008ed6d3549e0c711c642","kind":"commit","published_at":"2015-06-12T10:43:41.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.3.8","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.3.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.3.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.3.8/manifests"},{"name":"0.3.0","sha":"606e81ad4bf918f68b97c15de240005f3230c466","kind":"commit","published_at":"2015-06-07T20:55:40.000Z","download_url":"https://codeload.github.com/ajv-validator/ajv/tar.gz/0.3.0","html_url":"https://github.com/ajv-validator/ajv/releases/tag/0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajv-validator%2Fajv/tags/0.3.0/manifests"}]},"repo_metadata_updated_at":"2025-06-05T16:33:29.870Z","dependent_packages_count":14548,"downloads":620948870,"downloads_period":"last-month","dependent_repos_count":1087714,"rankings":{"downloads":0.0009035345450005381,"dependent_repos_count":0.03143205023213993,"dependent_packages_count":0.007858012558034982,"stargazers_count":0.9029048088025073,"forks_count":1.3165045917351779,"docker_downloads_count":0.00355937851060818,"average":0.37719372939724477},"purl":"pkg:npm/ajv","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4OGctY2dtdy12NXh3","url":"https://github.com/advisories/GHSA-v88g-cgmw-v5xw","title":"Prototype Pollution in Ajv","description":"An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-02-10T23:30:59.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2020-15366","https://github.com/ajv-validator/ajv/commit/65b2f7d76b190ac63a0d4e9154c712d7aa37049f","https://github.com/ajv-validator/ajv/releases/tag/v6.12.3","https://hackerone.com/bugs?subject=user\u0026report_id=894259","https://github.com/ajv-validator/ajv/tags","https://security.netapp.com/advisory/ntap-20240621-0007","https://github.com/advisories/GHSA-v88g-cgmw-v5xw"],"source_kind":"github","identifiers":["GHSA-v88g-cgmw-v5xw","CVE-2020-15366"],"repository_url":"https://github.com/ajv-validator/ajv","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"6.12.3","vulnerable_version_range":"\u003c 6.12.3"}],"ecosystem":"npm","package_name":"ajv"}],"created_at":"2022-12-21T16:13:04.527Z","updated_at":"2025-04-21T01:15:31.342Z","epss_percentage":0.00451,"epss_percentile":0.62466}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/ajv","docker_dependents_count":52090,"docker_downloads_count":14670535026,"usage_url":"https://repos.ecosyste.ms/usage/npm/ajv","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/ajv/dependencies","status":null,"funding_links":["https://github.com/sponsors/epoberezkin","https://tidelift.com/funding/github/npm/ajv","https://opencollective.com/ajv"],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ajv/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ajv/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ajv/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/ajv/related_packages","maintainers":[{"uuid":"esp","login":"esp","name":null,"email":"e.poberezkin@me.com","url":null,"packages_count":67,"html_url":"https://www.npmjs.com/~esp","role":null,"created_at":"2022-11-10T11:25:17.872Z","updated_at":"2022-11-10T11:25:17.872Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/esp/packages"},{"uuid":"blakeembrey","login":"blakeembrey","name":null,"email":"hello@blakeembrey.com","url":null,"packages_count":233,"html_url":"https://www.npmjs.com/~blakeembrey","role":null,"created_at":"2022-11-10T11:25:17.869Z","updated_at":"2022-11-10T11:25:17.869Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/blakeembrey/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5006541,"maintainers_count":1012935,"namespaces_count":295512,"keywords_count":700181,"github":"npm","metadata":{"funded_packages_count":150239},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-06T05:58:05.971Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":4688,"unique_repositories_count_past_30_days":138,"recent_issues":[{"uuid":"4661365883","node_id":"PR_kwDONJpy787mWEqE","number":639,"state":"open","title":"fix(deps): bump ajv from 8.18.0 to 8.20.0 in /apps/web/site","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T01:28:01.000Z","updated_at":"2026-06-15T01:28:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"fix(deps)","packages":[{"name":"ajv","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":"/apps/web/site","ecosystem":"npm"},"body":"Bumps [ajv](https://github.com/ajv-validator/ajv) from 8.18.0 to 8.20.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add support for node 22/24, drop node 16/21 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2580\"\u003eajv-validator/ajv#2580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add ES2022.RegExp for RegExpIndicesArray by \u003ca href=\"https://github.com/SignpostMarv\"\u003e\u003ccode\u003e@​SignpostMarv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2604\"\u003eajv-validator/ajv#2604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix prototype pollution via format keyword using $data ref by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2607\"\u003eajv-validator/ajv#2607\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/0fba0b8e649909613cfce0999b149cd08f4a4987\"\u003e\u003ccode\u003e0fba0b8\u003c/code\u003e\u003c/a\u003e 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/9caf8d64409b05e2c670b3ff09cf7ca07937342e\"\u003e\u003ccode\u003e9caf8d6\u003c/code\u003e\u003c/a\u003e fix: add ES2022.RegExp for RegExpIndicesArray; fixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2603\"\u003eajv-validator/ajv#2603\u003c/a\u003e (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/206535071f776f57737394c8896d4b2dc2bfb9a3\"\u003e\u003ccode\u003e2065350\u003c/code\u003e\u003c/a\u003e fix: add support for node 22/24, drop node 16/21 (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2580\"\u003e#2580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/154b58d690c6596e09ca676e12720ab8234ee3d2\"\u003e\u003ccode\u003e154b58d\u003c/code\u003e\u003c/a\u003e 8.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e8d2bdc501b3ba6f03922db5e595770d4763d9da\"\u003e\u003ccode\u003ee8d2bdc\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2607\"\u003e#2607\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv\u0026package-manager=npm_and_yarn\u0026previous-version=8.18.0\u0026new-version=8.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mlorentedev/kubelab/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/mlorentedev/kubelab/pull/639","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mlorentedev%2Fkubelab/issues/639","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/639/packages"},{"uuid":"4661268248","node_id":"PR_kwDOR9eYC87mVx3U","number":38,"state":"open","title":"chore(deps): bump the minor-and-patch group across 1 directory with 26 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T00:58:56.000Z","updated_at":"2026-06-15T00:59:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":26,"packages":[{"name":"@ai-sdk/react","old_version":"3.0.170","new_version":"3.0.207","repository_url":"https://github.com/vercel/ai"},{"name":"border-beam","old_version":"1.0.1","new_version":"1.2.0","repository_url":"https://github.com/Jakubantalik/border-beam"},{"name":"lucide-react","old_version":"1.8.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"maplibre-gl","old_version":"5.23.0","new_version":"5.24.0","repository_url":"https://github.com/maplibre/maplibre-gl-js"},{"name":"motion","old_version":"12.38.0","new_version":"12.40.0","repository_url":"https://github.com/motiondivision/motion"},{"name":"react","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-router-dom","old_version":"7.14.2","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"@playwright/test","old_version":"1.59.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@tailwindcss/postcss","old_version":"4.2.4","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@vitejs/plugin-react","old_version":"6.0.1","new_version":"6.0.2","repository_url":"https://github.com/vitejs/vite-plugin-react"},{"name":"@vitest/coverage-v8","old_version":"4.1.5","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"ajv","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"eslint-plugin-react-hooks","old_version":"7.0.1","new_version":"7.1.1","repository_url":"https://github.com/facebook/react"},{"name":"eslint-plugin-react-refresh","old_version":"0.5.2","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"},{"name":"globals","old_version":"17.5.0","new_version":"17.6.0","repository_url":"https://github.com/sindresorhus/globals"},{"name":"happy-dom","old_version":"20.9.0","new_version":"20.10.3","repository_url":"https://github.com/capricorn86/happy-dom"},{"name":"proj4","old_version":"2.20.8","new_version":"2.20.9","repository_url":"https://github.com/proj4js/proj4js"},{"name":"@types/proj4","old_version":"2.5.6","new_version":"2.19.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"typescript-eslint","old_version":"8.59.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"vite","old_version":"8.0.9","new_version":"8.0.16","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.170` | `3.0.207` |\n| [border-beam](https://github.com/Jakubantalik/border-beam) | `1.0.1` | `1.2.0` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.18.0` |\n| [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) | `5.23.0` | `5.24.0` |\n| [motion](https://github.com/motiondivision/motion) | `12.38.0` | `12.40.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.7` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.14.2` | `7.17.0` |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` |\n| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.4` | `4.3.1` |\n| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.1` | `6.0.2` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.5` | `4.1.8` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.18.0` | `8.20.0` |\n| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.1` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` |\n| [globals](https://github.com/sindresorhus/globals) | `17.5.0` | `17.6.0` |\n| [happy-dom](https://github.com/capricorn86/happy-dom) | `20.9.0` | `20.10.3` |\n| [proj4](https://github.com/proj4js/proj4js) | `2.20.8` | `2.20.9` |\n| [@types/proj4](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/proj4) | `2.5.6` | `2.19.0` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.0` | `8.61.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.9` | `8.0.16` |\n\n\nUpdates `@ai-sdk/react` from 3.0.170 to 3.0.207\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.207\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.205\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.205\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [bfa5864]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [f42aa79]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [5291f7e]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [b4b575a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.29\u003c/li\u003e\n\u003cli\u003eai@6.0.203\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.207/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.207\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.205\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.206\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.204\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.205\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [bfa5864]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [f42aa79]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [5291f7e]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [b4b575a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.29\u003c/li\u003e\n\u003cli\u003eai@6.0.203\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.204\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [942f2f8]\n\u003cul\u003e\n\u003cli\u003eai@6.0.202\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.28\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.203\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [0c8c0ed]\n\u003cul\u003e\n\u003cli\u003eai@6.0.201\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.202\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [14098e7]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [2cabe9c]\n\u003cul\u003e\n\u003cli\u003eai@6.0.200\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.201\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/55486720c5be0238b9d477a778b0428e5e48d9d4\"\u003e\u003ccode\u003e5548672\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/16097\"\u003e#16097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63b3f6081df232ff3b2a84b27cc3eda33f215586\"\u003e\u003ccode\u003e63b3f60\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/16086\"\u003e#16086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bae9babb22e195e74a9a0c0e26a5e52c8ba8e7f2\"\u003e\u003ccode\u003ebae9bab\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/16026\"\u003e#16026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/9ef2c3cfadfc4a469e9eec6a6e8a0ac0fc80a1e5\"\u003e\u003ccode\u003e9ef2c3c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15998\"\u003e#15998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/dca8c38b09acba1a5eebf354b532833ab055413a\"\u003e\u003ccode\u003edca8c38\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15992\"\u003e#15992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a340536d4cd232c42757bf04c3ec35f589f6fe35\"\u003e\u003ccode\u003ea340536\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15965\"\u003e#15965\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f6e588173713842794c619f9554a4b341c6e97f5\"\u003e\u003ccode\u003ef6e5881\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15902\"\u003e#15902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/8ad68fe1569329bc4fcb578d57fb7a7a0509af26\"\u003e\u003ccode\u003e8ad68fe\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15898\"\u003e#15898\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/de852ab79aac88345c8a9ae54003fb206e1a64b4\"\u003e\u003ccode\u003ede852ab\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15821\"\u003e#15821\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7aca1fc2004800171233ae16c2456ef297552441\"\u003e\u003ccode\u003e7aca1fc\u003c/code\u003e\u003c/a\u003e backport: chore: update TypeScript references and fix `pnpm update-references...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.207/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `border-beam` from 1.0.1 to 1.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Jakubantalik/border-beam/releases\"\u003eborder-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003ch2\u003ePulse: dynamic colors + synced glow\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePulse \u003ccode\u003einner\u003c/code\u003e/\u003ccode\u003eoutside\u003c/code\u003e hue now rotates a full 360° continuously, so colors are no longer pinned to fixed edges (previously a ±30° ping-pong left red/orange in the top-right and green/blue on the left).\u003c/li\u003e\n\u003cli\u003eThe wide bloom halo now shares the same hue rotation as the core/stroke, keeping the large and small glows color-matched (most visible on blue/green transitions).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Jakubantalik/border-beam/blob/main/CHANGELOG.md\"\u003eborder-beam's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRetuned the \u003ccode\u003epulse-outside\u003c/code\u003e and \u003ccode\u003epulse-inner\u003c/code\u003e presets to match the latest prototype values (opacities, brightness/saturation, glow/bloom blur, drift, and glow sizing).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epulse-outside\u003c/code\u003e no longer paints its own idle hairline (\u003ccode\u003ehairlineOpacity\u003c/code\u003e defaults to \u003ccode\u003e0\u003c/code\u003e). The colored stroke now rides directly on the wrapped element's own 1px border instead of doubling it, matching the prototype's single-hairline look.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epulse-inner\u003c/code\u003e bloom alignment: the bloom ring used a 2px padding while the stroke used 1px, so the bloom sat 1px further inward than the stroke. Both now share the same 1px edge ring.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe pulse breathing motion is driven from a single shared, ~30fps \u003ccode\u003erequestAnimationFrame\u003c/code\u003e loop (\u003ccode\u003epulseDriver.ts\u003c/code\u003e) instead of per-instance CSS \u003ccode\u003e@property\u003c/code\u003e keyframes. This reduces repaint frequency, works without \u003ccode\u003e@property\u003c/code\u003e support, and pauses automatically when the instance is inactive, offscreen, or the user prefers reduced motion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/Jakubantalik/border-beam/commits/v1.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.8.0 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(site): Remove survey from site by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4417\"\u003elucide-icons/lucide#4417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eplay-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/Ahmed-Dghaies\"\u003e\u003ccode\u003e@​Ahmed-Dghaies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4412\"\u003elucide-icons/lucide#4412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(metadata): add missing use-cases prop on play-off.json by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4423\"\u003elucide-icons/lucide#4423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): force hide #bb-banner, if html.has-bb-banner is missing by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4422\"\u003elucide-icons/lucide#4422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): Remove \u003ccode\u003e@next\u003c/code\u003e from installation instructions for\u003ccode\u003e@lucide/svelte\u003c/code\u003e by \u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(packages/angular): add support for Angular v22 and onwards by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4450\"\u003elucide-icons/lucide#4450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): add check to skip release if latest tag was created today by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4085\"\u003elucide-icons/lucide#4085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003ewebcam-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4376\"\u003elucide-icons/lucide#4376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(repo): Update issue templates and documentation for package ren… by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4379\"\u003elucide-icons/lucide#4379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Adds survey overlay to website by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4380\"\u003elucide-icons/lucide#4380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Certificate dev links by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4390\"\u003elucide-icons/lucide#4390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003emartini\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4335\"\u003elucide-icons/lucide#4335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4386\"\u003elucide-icons/lucide#4386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4404\"\u003elucide-icons/lucide#4404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump devalue from 5.8.0 to 5.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4391\"\u003elucide-icons/lucide#4391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ws from 8.18.0 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4392\"\u003elucide-icons/lucide#4392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(gh-icon): limit icon size to a maximum of 256 pixels by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4398\"\u003elucide-icons/lucide#4398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dependencies): Update dependencies by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4377\"\u003elucide-icons/lucide#4377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(copilot): Adding copilot instructions by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4407\"\u003elucide-icons/lucide#4407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003eglobe-check\u003c/code\u003e by \u003ca href=\"https://github.com/Barakudum\"\u003e\u003ccode\u003e@​Barakudum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4342\"\u003elucide-icons/lucide#4342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(metadata): Require use-cases in meta json by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4321\"\u003elucide-icons/lucide#4321\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eparasol\u003c/code\u003e icon by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4347\"\u003elucide-icons/lucide#4347\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eblender\u003c/code\u003e icon by \u003ca href=\"https://github.com/rrod497\"\u003e\u003ccode\u003e@​rrod497\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/3884\"\u003elucide-icons/lucide#3884\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.15.0...1.16.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: remove 'less' from brand stopwords by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4331\"\u003elucide-icons/lucide#4331\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(\u003ccode\u003e@​lucide/vue\u003c/code\u003e): Clone slots before passing to icon by \u003ca href=\"https://github.com/axtho\"\u003e\u003ccode\u003e@​axtho\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4339\"\u003elucide-icons/lucide#4339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003etext-cursor\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4340\"\u003elucide-icons/lucide#4340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/07c885e6c1f9952965ba388b7fd2bb7c4d416a67\"\u003e\u003ccode\u003e07c885e\u003c/code\u003e\u003c/a\u003e fix(docs): fix zephyr-cloud URL in readmes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/50d8af5a1012e188f3d71ac8f1fc0fba1aab5357\"\u003e\u003ccode\u003e50d8af5\u003c/code\u003e\u003c/a\u003e docs(readme): Update readme files (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4320\"\u003e#4320\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/653e44b83293567ff24dcb90ca1094a9cf0a042a\"\u003e\u003ccode\u003e653e44b\u003c/code\u003e\u003c/a\u003e feat(packages): use .mjs for ESM bundles (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4285\"\u003e#4285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `maplibre-gl` from 5.23.0 to 5.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/maplibre/maplibre-gl-js/releases\"\u003emaplibre-gl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.24.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features and improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGPU performance optimization: Render halo and glyph in a single pass (-40% Time Reduction) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7436\"\u003e#7436\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize matrix inversions and reduce GPU stalls (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7367\"\u003e#7367\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd example showing how to measure map performance using built-in events (\u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eidle\u003c/code\u003e, \u003ccode\u003erender\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7077\"\u003e#7077\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🐞 Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ePopup\u003c/code\u003e not updating its position when switching between terrain/globe projections (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7468\"\u003e#7468\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip fog computation when fog opacity is zero (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7476\"\u003e#7476\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md\"\u003emaplibre-gl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.24.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features and improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGPU performance optimization: Render halo and glyph in a single pass (-40% Time Reduction) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7436\"\u003e#7436\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize matrix inversions and reduce GPU stalls (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7367\"\u003e#7367\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd example showing how to measure map performance using built-in events (\u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eidle\u003c/code\u003e, \u003ccode\u003erender\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7077\"\u003e#7077\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🐞 Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ePopup\u003c/code\u003e not updating its position when switching between terrain/globe projections (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7468\"\u003e#7468\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip fog computation when fog opacity is zero (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7476\"\u003e#7476\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/fd31bd85967c19446d836236e93021fb10ffe30d\"\u003e\u003ccode\u003efd31bd8\u003c/code\u003e\u003c/a\u003e Bump js version to 5.24.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7509\"\u003e#7509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/859e6fa2c6905146205d418dfbe6dba4274c4182\"\u003e\u003ccode\u003e859e6fa\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump rollup from 4.60.1 to 4.60.2 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7508\"\u003e#7508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/1401f2db49354715376a65b633b24c1b2ebc1c45\"\u003e\u003ccode\u003e1401f2d\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7507\"\u003e#7507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/57f77d34be01c2029adf3c462d59ec763f13d4ca\"\u003e\u003ccode\u003e57f77d3\u003c/code\u003e\u003c/a\u003e chore(deps): bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7506\"\u003e#7506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/1d3c3f45649ed4fc0e48a6a08c5d4b97a7f05822\"\u003e\u003ccode\u003e1d3c3f4\u003c/code\u003e\u003c/a\u003e Update PR template to include AI policy confirmation (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7505\"\u003e#7505\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/b30f01171cb01966eeb0b46cb918e9aadbbef160\"\u003e\u003ccode\u003eb30f011\u003c/code\u003e\u003c/a\u003e docs: Improve documentation for MapOptions hash parameter (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7503\"\u003e#7503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/d1614ef5da6ed43ecd3a2a51fb275912269df640\"\u003e\u003ccode\u003ed1614ef\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump devtools-protocol from 0.0.1616338 to 0.0.1617013 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7504\"\u003e#7504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/d44f14b4c382ecb827967281a4d6342dfc30bb35\"\u003e\u003ccode\u003ed44f14b\u003c/code\u003e\u003c/a\u003e Fix author attribution for touchZoomRotate features (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7502\"\u003e#7502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/018c3a089e8e4dad35eaab10ddd9b3137ed6c364\"\u003e\u003ccode\u003e018c3a0\u003c/code\u003e\u003c/a\u003e Symbol SDF Performance Optimization: Render Halo and Glyph in a Single Pass (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/38f6798244fa7d05f9eea8daf758addc3f38dd89\"\u003e\u003ccode\u003e38f6798\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump diff from 8.0.4 to 9.0.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7497\"\u003e#7497\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/maplibre/maplibre-gl-js/compare/v5.23.0...v5.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `motion` from 12.38.0 to 12.40.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/motiondivision/motion/blob/main/CHANGELOG.md\"\u003emotion's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[12.40.0] 2026-05-21\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epath\u003c/code\u003e option to \u003ccode\u003etransition\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003earc()\u003c/code\u003e for motion along an arc.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[12.39.0] 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003erepeatType\u003c/code\u003e and \u003ccode\u003erepeatDelay\u003c/code\u003e in animation sequences.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eVariants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.\u003c/li\u003e\n\u003cli\u003eDrag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so \u003ccode\u003edragSnapToOrigin\u003c/code\u003e no longer leaves the drag transform stranded after a layout swap.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eLazyMotion\u003c/code\u003e: Share React contexts between the \u003ccode\u003eframer-motion\u003c/code\u003e and \u003ccode\u003eframer-motion/m\u003c/code\u003e (and therefore \u003ccode\u003emotion/react\u003c/code\u003e and \u003ccode\u003emotion/react-m\u003c/code\u003e) CJS bundles so that \u003ccode\u003e\u0026lt;m.div\u0026gt;\u003c/code\u003e from the \u003ccode\u003e/m\u003c/code\u003e subpath picks up features loaded by \u003ccode\u003e\u0026lt;LazyMotion\u0026gt;\u003c/code\u003e from the main entry point.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseScroll\u003c/code\u003e: Support hydrating \u003ccode\u003etarget\u003c/code\u003e and \u003ccode\u003econtainer\u003c/code\u003e refs from anywhere in the tree.\u003c/li\u003e\n\u003cli\u003eDrag: Gesture no longer starts from incorrect start point when rendered inside \u003ccode\u003e\u0026lt;AnimatePresence initial={false} /\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eDrag: \u003ccode\u003edragConstraints\u003c/code\u003e, when set as viewport-relative ref, no longer break on scroll.§\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003evisualElement\u003c/code\u003e hydration order.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseAnimate\u003c/code\u003e: Now respects \u003ccode\u003eskipAnimations\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAnimatePresence\u003c/code\u003e: Fix object-form \u003ccode\u003einitial\u003c/code\u003e values not applied on re-entry after exit completes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003escroll\u003c/code\u003e: Fixed callback progress when tracking an element.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseScroll\u003c/code\u003e: Fix hardware acceleration when tracking an element.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/38ebb9480e5b25a51e09e2ec866c101d01d82c60\"\u003e\u003ccode\u003e38ebb94\u003c/code\u003e\u003c/a\u003e v12.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/b1f766c7221cfdbf868e2f66675d6d2e2ff8f50e\"\u003e\u003ccode\u003eb1f766c\u003c/code\u003e\u003c/a\u003e Latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/bca554401519e8ef45db1dcc8c52580998251c73\"\u003e\u003ccode\u003ebca5544\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/motiondivision/motion/issues/3699\"\u003e#3699\u003c/a\u003e from motiondivision/lochie/arcs-injectable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/f1a96cfaff8de87712539bf250205134c8e121d9\"\u003e\u003ccode\u003ef1a96cf\u003c/code\u003e\u003c/a\u003e arc(): rename amp/rotate, expose MotionPath, fix explicit cw/ccw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/b4aaba0d161cce6db7b2070ec3fd141e1dbcda95\"\u003e\u003ccode\u003eb4aaba0\u003c/code\u003e\u003c/a\u003e pathRotation: non-destructive orientToPath rotation channel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/8604ef3d9048127d61a8bbd94698e56368e70926\"\u003e\u003ccode\u003e8604ef3\u003c/code\u003e\u003c/a\u003e Make arcs injectable via \u003ccode\u003etransition.path = arc()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/f90fe294c559c3bd7b13e762b0b2aefe837dc000\"\u003e\u003ccode\u003ef90fe29\u003c/code\u003e\u003c/a\u003e add \u003ccode\u003eorientToPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/9ebe999fe93e6431ce026a998cb2aeabe690d03b\"\u003e\u003ccode\u003e9ebe999\u003c/code\u003e\u003c/a\u003e fix: test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/bc2107e8963b35c0f264810d8dcb8b7b96ac7cb5\"\u003e\u003ccode\u003ebc2107e\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;no should\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/6eeb92dc2228419a1d2ba33bec5df36c3357683a\"\u003e\u003ccode\u003e6eeb92d\u003c/code\u003e\u003c/a\u003e no should\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/motiondivision/motion/compare/v12.38.0...v12.40.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.5 to 19.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.7 (June 1st, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003eFormData\u003c/code\u003e entries in Server Actions which regressed in 19.2.6\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36566\"\u003e#36566\u003c/a\u003e by \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d\"\u003e\u003ccode\u003e6117d7c\u003c/code\u003e\u003c/a\u003e Version 19.2.7 (\u003ca href=\"https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591\"\u003e#36591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.7/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for react since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.14 to 19.2.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.5 to 19.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.7 (June 1st, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003eFormData\u003c/code\u003e entries in Server Actions which regressed in 19.2.6\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36566\"\u003e#36566\u003c/a\u003e by \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d\"\u003e\u003ccode\u003e6117d7c\u003c/code\u003e\u003c/a\u003e Version 19.2.7 (\u003ca href=\"https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/36591\"\u003e#36591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.7/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for react-dom since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router-dom` from 7.14.2 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md\"\u003ereact-router-dom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.17.0\"\u003e\u003ccode\u003ereact-router@7.17.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove stale/invalid \u003ccode\u003eunpkg\u003c/code\u003e field from \u003ccode\u003epackage.json\u003c/code\u003e. This was removed from other packages with the release of v7 but missed in the \u003ccode\u003ereact-router-dom\u003c/code\u003e re-export package (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15075\"\u003e#15075\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.16.0\"\u003e\u003ccode\u003ereact-router@7.16.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.15.1\"\u003e\u003ccode\u003ereact-router@7.15.1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.15.0\"\u003e\u003ccode\u003ereact-router@7.15.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8984d23f86ca7ae5655711744b77816090bda4e6\"\u003e\u003ccode\u003e8984d23\u003c/code\u003e\u003c/a\u003e Release v7.16.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15105\"\u003e#15105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/3ed77afcde0ad9aea79f1afe5f05a700b201f289\"\u003e\u003ccode\u003e3ed77af\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e96962bc6159a2290632849b55872a3878753342\"\u003e\u003ccode\u003ee96962b\u003c/code\u003e\u003c/a\u003e fix: remove stale unpkg field from react-router-dom (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15075\"\u003e#15075\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/587d08fca6ca61e00f44c1eda95bf6e6a9ab76ef\"\u003e\u003ccode\u003e587d08f\u003c/code\u003e\u003c/a\u003e Release v7.15.1 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15038\"\u003e#15038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97c8de79c38f107acd15f74d8295c7bf75894a5d\"\u003e\u003ccode\u003e97c8de7\u003c/code\u003e\u003c/a\u003e Release v7.15.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15018\"\u003e#15018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router-dom@7.17.0/packages/react-router-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@playwright/test` from 1.59.1 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.59.1...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tailwindcss/postcss` from 4.2.4 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/releases\"\u003e@​tailwindcss/postcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e@container-size\u003c/code\u003e utility (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901\"\u003e#18901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-{auto,thin,none}\u003c/code\u003e utilities for \u003ccode\u003escrollbar-width\u003c/code\u003e, and \u003ccode\u003escrollbar-thumb-*\u003c/code\u003e / \u003ccode\u003escrollbar-track-*\u003c/code\u003e color utilities for \u003ccode\u003escrollbar-color\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981\"\u003e#19981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019\"\u003e#20019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-gutter-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018\"\u003e#20018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ezoom-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020\"\u003e#20020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etab-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022\"\u003e#20022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with stacked variants (e.g. \u003ccode\u003e@variant hover:focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with compound variants (e.g. \u003ccode\u003e@variant hover, focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e--default(…)\u003c/code\u003e in \u003ccode\u003e--value(…)\u003c/code\u003e and \u003ccode\u003e--modifier(…)\u003c/code\u003e for functional \u003ccode\u003e@utility\u003c/code\u003e definitions (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989\"\u003e#19989\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@plugin\u003c/code\u003e resolves package JavaScript entries instead of browser CSS entries when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19949\"\u003e#19949\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md\"\u003e@​tailwindcss/postcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.3.1] - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.3.0] - 2026-05-08\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e@container-size\u003c/code\u003e utility (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901\"\u003e#18901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-{auto,thin,none}\u003c/code\u003e utilities for \u003ccode\u003escrollbar-width\u003c/code\u003e, and \u003ccode\u003escrollbar-thumb-*\u003c/code\u003e / \u003ccode\u003escrollbar-track-*\u003c/code\u003e color utilities for \u003ccode\u003escrollbar-color\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981\"\u003e#19981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019\"\u003e#20019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-gutter-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018\"\u003e#20018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ezoom-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020\"\u003e#20020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etab-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022\"\u003e#20022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with stacked variants (e.g. \u003ccode\u003e@variant hover:focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with compound variants (e.g. \u003ccode\u003e@variant hover, focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e--default(…)\u003c/code\u003e in \u003ccode\u003e--value(…)\u003c/code\u003e and \u003ccode\u003e--modifier(…)\u003c/code\u003e for functional \u003ccode\u003e@utility\u003c/code\u003e definitions (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989\"\u003e#19989\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9\"\u003e\u003ccode\u003e8a14a71\u003c/code\u003e\u003c/a\u003e 4.3.1 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20226\"\u003e#20226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/522288ca08c7ed0e7e9d3256f40fd36981d451a3\"\u003e\u003ccode\u003e522288c\u003c/code\u003e\u003c/a\u003e Serve ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8dcdb66e8a58b9df621ed1a9cb59396e0ddb6dd7\"\u003e\u003ccode\u003e8dcdb66\u003c/code\u003e\u003c/a\u003e Bump dependencies (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20095\"\u003e#20095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/588bd7371f4cae96426e1387819b7fd1d99765f9\"\u003e\u003ccode\u003e588bd73\u003c/code\u003e\u003c/a\u003e 4.3.0 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20023\"\u003e#20023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/12eb5ae7b6026ff64c04f889b2221418d772da72\"\u003e\u003ccode\u003e12eb5ae\u003c/code\u003e\u003c/a\u003e Cleanup noisy test output (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20015\"\u003e#20015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/4255671c5f792c42808ecd6b2dec27c16e3c559e\"\u003e\u003ccode\u003e4255671\u003c/code\u003e\u003c/a\u003e Improve snapshot tests (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20013\"\u003e#20013\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/52f94c74bb491e9c3641ce322a0ef90fb3c45de6\"\u003e\u003ccode\u003e52f94c7\u003c/code\u003e\u003c/a\u003e Improve codebase quality (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19999\"\u003e#19999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/d194d4c3e656313421f1cfa1954db8f58eec0fcd\"\u003e\u003ccode\u003ed194d4c\u003c/code\u003e\u003c/a\u003e docs: fix various typos in comments and documentation (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19878\"\u003e#19878\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/bfb5732b0b948d89c6803cb537bca168ec8e0a46\"\u003e\u003ccode\u003ebfb5732\u003c/code\u003e\u003c/a\u003e Fall back to the plugin \u003ccode\u003ebase\u003c/code\u003e when PostCSS has no \u003ccode\u003efrom\u003c/code\u003e option (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19980\"\u003e#19980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/3a890c35727fe0630c59b72dbec799d02e3c4800\"\u003e\u003ccode\u003e3a890c3\u003c/code\u003e\u003c/a\u003e Bump dependencies (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19957\"\u003e#19957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.14 to 19.2.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitejs/plugin-react` from 6.0.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/releases\"\u003e@​vitejs/plugin-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eplugin-react@6.0.2\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md\"\u003e@​vitejs/plugin-react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2 (2026-05-14)\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/6535b55e956b425e6650ffc2cc98fd23cca1d231\"\u003e\u003ccode\u003e6535b55\u003c/code\u003e\u003c/a\u003e release: plugin-react@6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/bf0e43b756e3be81f8572d59727c218311f431ef\"\u003e\u003ccode\u003ebf0e43b\u003c/code\u003e\u003c/a\u003e feat(react): whitelist debugging-options (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1189\"\u003e#1189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/3bd1f08ae0b82ee0e96feb2ff265e61c6fe74b54\"\u003e\u003ccode\u003e3bd1f08\u003c/code\u003e\u003c/a\u003e feat: use carets for rolldown versions (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1216\"\u003e#1216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/2b8df67323265d1ff5ddf47b2db9ab0b9de5c688\"\u003e\u003ccode\u003e2b8df67\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/8fa9619e1b1f51b079f4c1df6bcf076dcafc5aed\"\u003e\u003ccode\u003e8fa9619\u003c/code\u003e\u003c/a\u003e fix(deps): update react 19.2.6 (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1211\"\u003e#1211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/a4296ad2995a8d493528b8d5450a1209de2943cb\"\u003e\u003ccode\u003ea4296ad\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1209\"\u003e#1209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/323ccd72576be636b50baa7d9ce816cc94d5991e\"\u003e\u003ccode\u003e323ccd7\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1196\"\u003e#1196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/a7506e105df00cdadc58c0aecc4512d8cfdd9765\"\u003e\u003ccode\u003ea7506e1\u003c/code\u003e\u003c/a\u003e chore(deps): update vite 8.0.10 (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1198\"\u003e#1198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/02cff2a0cf5c7e9792b1612baa380228f5e4d3c1\"\u003e\u003ccode\u003e02cff2a\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1184\"\u003e#1184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/4b9c890cdb21078ac45a86873b24f7e8613b8526\"\u003e\u003ccode\u003e4b9c890\u003c/code\u003e\u003c/a\u003e fix(deps): update react 19.2.5 (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1181\"\u003e#1181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.2/packages/plugin-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitest/coverage-v8` from 4.1.5 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003e@​vitest/coverage-v8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4...\n\n_Description has been truncated_","html_url":"https://github.com/carlostoledo1891/aether-os/pull/38","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/carlostoledo1891%2Faether-os/issues/38","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/38/packages"},{"uuid":"4660814148","node_id":"PR_kwDOFVdqbM7mUZJj","number":1197,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":7,"pull_request":true,"closed_at":"2026-06-14T22:18:44.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-14T22:14:11.000Z","updated_at":"2026-06-14T22:18:52.000Z","time_to_close":273,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"vue","old_version":"2.7.14","new_version":"3.0.0","repository_url":"https://github.com/vuejs/core"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5"},{"name":"ajv","old_version":"4.11.8","new_version":"6.15.0"},{"name":"cross-spawn","old_version":"5.1.0","new_version":"7.0.6"},{"name":"debug","old_version":"2.2.0","new_version":"4.4.3"},{"name":"fsevents","old_version":"1.2.4","new_version":"2.3.3"},{"name":"js-yaml","old_version":"3.12.0","new_version":"4.2.0"},{"name":"ms","old_version":"0.7.1","new_version":"2.1.3"},{"name":"semver","old_version":"4.3.6","new_version":"7.8.4"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /client directory: [vue](https://github.com/vuejs/core).\n\nUpdates `vue` from 2.7.14 to 3.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/core/blob/v3.0.0/CHANGELOG.md\"\u003evue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.13...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2020-09-18)\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.12...v3.0.0-rc.13\"\u003e3.0.0-rc.13\u003c/a\u003e (2020-09-18)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehmr:\u003c/strong\u003e make hmr working with class components (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2144\"\u003e#2144\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/422f05e085036e23ea3632c2ce75d86181a087b8\"\u003e422f05e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereactivity:\u003c/strong\u003e avoid length mutating array methods causing infinite updates (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2138\"\u003e#2138\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/f316a332b055d3f448dc735365551d89041f1098\"\u003ef316a33\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2137\"\u003e#2137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esuspense:\u003c/strong\u003e should discard unmount effects of invalidated pending branch (\u003ca href=\"https://github.com/vuejs/vue-next/commit/5bfcad155b444b2f7ffaac171c1f61bc23909287\"\u003e5bfcad1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e component instance inference without props (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2145\"\u003e#2145\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/57bdaa2220afefbde21118659c1ce2377d6b86d6\"\u003e57bdaa2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ewatch APIs default to trigger pre-flush (\u003ca href=\"https://github.com/vuejs/vue-next/commit/49bb44756fda0a7019c69f2fa6b880d9e41125aa\"\u003e49bb447\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/vuejs/vue-next/issues/1706/issues/issuecomment-666258948\"\u003evuejs/vue-next#1706\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core:\u003c/strong\u003e support using inject() inside props default functions (\u003ca href=\"https://github.com/vuejs/vue-next/commit/58c31e36992d2647e5247de4904246fb2d6112ed\"\u003e58c31e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewatch:\u003c/strong\u003e support dot-delimited path in watch option (\u003ca href=\"https://github.com/vuejs/vue-next/commit/1c9a0b3e195d144ac90d22d2cc2cef6a3fd8276d\"\u003e1c9a0b3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ewatch APIs now default to use \u003ccode\u003eflush: 'pre'\u003c/code\u003e instead of\n\u003ccode\u003eflush: 'post'\u003c/code\u003e. This change affects \u003ccode\u003ewatch\u003c/code\u003e, \u003ccode\u003ewatchEffect\u003c/code\u003e, the \u003ccode\u003ewatch\u003c/code\u003e component option, and \u003ccode\u003ethis.$watch\u003c/code\u003e. See (\u003ca href=\"https://github.com/vuejs/vue-next/commit/49bb44756fda0a7019c69f2fa6b880d9e41125aa\"\u003e49bb447\u003c/a\u003e) for more details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.11...v3.0.0-rc.12\"\u003e3.0.0-rc.12\u003c/a\u003e (2020-09-16)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereactivity:\u003c/strong\u003e effect should only recursively self trigger with explicit options (\u003ca href=\"https://github.com/vuejs/vue-next/commit/3810de7d6bd0044177f043285228c2e988093883\"\u003e3810de7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2125\"\u003e#2125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core:\u003c/strong\u003e ensure root stable fragments inherit elements for moving (\u003ca href=\"https://github.com/vuejs/vue-next/commit/bebd44f793ccd13bfdf90c7e45eac320a340650c\"\u003ebebd44f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2134\"\u003e#2134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core:\u003c/strong\u003e should still do full traverse of stable fragment children in dev + hmr (\u003ca href=\"https://github.com/vuejs/vue-next/commit/dd40ad8fca47af0e1f0a963be2f48c23f7457952\"\u003edd40ad8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core/async-component:\u003c/strong\u003e fix error component when there are no error handlers (\u003ca href=\"https://github.com/vuejs/vue-next/commit/c7b4a379cf8627c79a01d61039d3e3b283477dc1\"\u003ec7b4a37\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2129\"\u003e#2129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes/tsx:\u003c/strong\u003e optional props from Mixin/Extends are treated as required (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2048\"\u003e#2048\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/89e9ab8a2a387f26a370848db0b1ffb1d0ab9549\"\u003e89e9ab8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e \u003ccode\u003eadditionalData\u003c/code\u003e support for css preprocessors (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2126\"\u003e#2126\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/066d514d757fb7e8844104210d7d04cc11598fef\"\u003e066d514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.10...v3.0.0-rc.11\"\u003e3.0.0-rc.11\u003c/a\u003e (2020-09-15)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vuejs/core/commits/v3.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 4.11.8 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.6\u003c/h2\u003e\n\u003cp\u003eFix performance issue of \u0026quot;url\u0026quot; format.\u003c/p\u003e\n\u003ch2\u003ev6.12.5\u003c/h2\u003e\n\u003cp\u003eFix uri scheme validation (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e).\nFix boolean schemas with strictKeywords option (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1270\"\u003e#1270\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003cp\u003eFix: coercion of one-item arrays to scalar that should fail validation (\u003ca href=\"https://runkit.com/esp/5f3672ba2f6642001ae27411\"\u003efailing example\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003ev6.12.3\u003c/h2\u003e\n\u003cp\u003ePass schema object to processCode function\nOption for strictNumbers (\u003ca href=\"https://github.com/issacgerges\"\u003e\u003ccode\u003e@​issacgerges\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1128\"\u003e#1128\u003c/a\u003e)\nFixed vulnerability related to untrusted schemas (\u003ca href=\"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-15366\"\u003eCVE-2020-15366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.2\u003c/h2\u003e\n\u003cp\u003eRemoved post-install script\u003c/p\u003e\n\u003ch2\u003ev6.12.1\u003c/h2\u003e\n\u003cp\u003eDocs and dependency updates\u003c/p\u003e\n\u003ch2\u003ev6.12.0\u003c/h2\u003e\n\u003cp\u003eImproved hostname validation (\u003ca href=\"https://github.com/sambauers\"\u003e\u003ccode\u003e@​sambauers\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1143\"\u003e#1143\u003c/a\u003e)\nOption \u003ccode\u003ekeywords\u003c/code\u003e to add custom keywords (\u003ca href=\"https://github.com/franciscomorais\"\u003e\u003ccode\u003e@​franciscomorais\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1137\"\u003e#1137\u003c/a\u003e)\nTypes fixes (\u003ca href=\"https://github.com/boenrobot\"\u003e\u003ccode\u003e@​boenrobot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/MattiAstedrone\"\u003e\u003ccode\u003e@​MattiAstedrone\u003c/code\u003e\u003c/a\u003e)\nDocs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/epoberezkin/ajv#error-logging\"\u003eerror logging\u003c/a\u003e example (\u003ca href=\"https://github.com/RadiationSickness\"\u003e\u003ccode\u003e@​RadiationSickness\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTypeScript usage notes (\u003ca href=\"https://github.com/thetric\"\u003e\u003ccode\u003e@​thetric\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.11.0\u003c/h2\u003e\n\u003cp\u003eTime formats support two digit and colon-less variants of timezone offset (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1061\"\u003e#1061\u003c/a\u003e , \u003ca href=\"https://github.com/cjpillsbury\"\u003e\u003ccode\u003e@​cjpillsbury\u003c/code\u003e\u003c/a\u003e)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test\u003c/p\u003e\n\u003ch2\u003ev6.10.2\u003c/h2\u003e\n\u003cp\u003eFix: the unknown keywords were ignored with the option \u003ccode\u003estrictKeywords: true\u003c/code\u003e (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.\u003c/p\u003e\n\u003ch2\u003ev6.10.1\u003c/h2\u003e\n\u003cp\u003eFix types\nFix addSchema (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1001\"\u003e#1001\u003c/a\u003e)\nUpdate dependencies\u003c/p\u003e\n\u003ch2\u003ev6.10.0\u003c/h2\u003e\n\u003cp\u003eOption \u003ccode\u003estrictDefaults\u003c/code\u003e to report ignored defaults (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/957\"\u003e#957\u003c/a\u003e, \u003ca href=\"https://github.com/not-an-aardvark\"\u003e\u003ccode\u003e@​not-an-aardvark\u003c/code\u003e\u003c/a\u003e)\nOption \u003ccode\u003estrictKeywords\u003c/code\u003e to report unknown keywords (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/781\"\u003e#781\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.9.0\u003c/h2\u003e\n\u003cp\u003eOpenAPI keyword \u003ccode\u003enullable\u003c/code\u003e can be any boolean (and not only \u003ccode\u003etrue\u003c/code\u003e).\nCustom keyword definition changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edependencies\u003c/code\u003e option in  to require the presence of keywords in the same schema.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fe591439f34e24030f69df9eb8d91e6d037a3af7\"\u003e\u003ccode\u003efe59143\u003c/code\u003e\u003c/a\u003e 6.12.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/4.11.8...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 5.1.0 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.2...v7.0.3\"\u003e7.0.3\u003c/a\u003e (2020-05-25)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edetect path key based on correct environment (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/133\"\u003e#133\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/159e7e9785e57451cba034ae51719f97135074ae\"\u003e159e7e9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2020-04-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix worker threads in Node \u0026gt;=11.10.0 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/132\"\u003e#132\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6c5b4f015814a6c4f6b33230dfd1a860aedc0aaf\"\u003e6c5b4f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2019-10-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/cfd49c9\"\u003ecfd49c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2019-09-03)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for Node.js \u0026lt; 8\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for versions below Node.js 8 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/125\"\u003e#125\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/16feb53\"\u003e16feb53\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/5.1.0...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `debug` from 2.2.0 to 4.4.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/debug-js/debug/releases\"\u003edebug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.4.3\u003c/h2\u003e\n\u003cp\u003eFunctionally identical release to \u003ccode\u003e4.4.1\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eVersion \u003ccode\u003e4.4.2\u003c/code\u003e is \u003cstrong\u003ecompromised\u003c/strong\u003e. Please see \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/1005\"\u003edebug-js/debug#1005\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e4.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(Issue-996): replace whitespaces in namespaces string with commas globally by \u003ca href=\"https://github.com/pdahal-cx\"\u003e\u003ccode\u003e@​pdahal-cx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/997\"\u003edebug-js/debug#997\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efixes \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/987\"\u003e#987\u003c/a\u003e fallback to localStorage.DEBUG if debug is not defined by \u003ca href=\"https://github.com/lzilioli\"\u003e\u003ccode\u003e@​lzilioli\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/988\"\u003edebug-js/debug#988\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pdahal-cx\"\u003e\u003ccode\u003e@​pdahal-cx\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/997\"\u003edebug-js/debug#997\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lzilioli\"\u003e\u003ccode\u003e@​lzilioli\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/988\"\u003edebug-js/debug#988\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.4.0...4.4.1\"\u003ehttps://github.com/debug-js/debug/compare/4.4.0...4.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.4.0\u003c/h2\u003e\n\u003cp\u003eFixes (hopefully) the inefficient regex warnings in \u003ccode\u003e.enable()\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eMinor version as this is invariably going to break certain users who misuse the \u003ccode\u003e.enable()\u003c/code\u003e API and expected it to work with regexes, which was never supported nor documented. That's on you, sorry - that functionality won't be added back.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.3.7...4.4.0\"\u003ehttps://github.com/debug-js/debug/compare/4.3.7...4.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ms to version 2.1.3 by \u003ca href=\"https://github.com/realityking\"\u003e\u003ccode\u003e@​realityking\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/819\"\u003edebug-js/debug#819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.3.6...4.3.7\"\u003ehttps://github.com/debug-js/debug/compare/4.3.6...4.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.3.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid using deprecated RegExp.$1 by \u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/969\"\u003edebug-js/debug#969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/969\"\u003edebug-js/debug#969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.3.5...4.3.6\"\u003ehttps://github.com/debug-js/debug/compare/4.3.5...4.3.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.3.5\u003c/h2\u003e\n\u003ch1\u003ePatch\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ecac39b1c5b018b0fe93a53a05f084eee543d17f5 Fix/debug depth (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you \u003ca href=\"https://github.com/calvintwr\"\u003e\u003ccode\u003e@​calvintwr\u003c/code\u003e\u003c/a\u003e for the fix.\u003c/p\u003e\n\u003ch2\u003e4.3.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd section about configuring JS console to show debug messages by \u003ca href=\"https://github.com/gitname\"\u003e\u003ccode\u003e@​gitname\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/866\"\u003edebug-js/debug#866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace deprecated String.prototype.substr() by \u003ca href=\"https://github.com/CommanderRoot\"\u003e\u003ccode\u003e@​CommanderRoot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/876\"\u003edebug-js/debug#876\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/6b2c5fbdb7d414483d9e306ef234acb4cd7ea67c\"\u003e\u003ccode\u003e6b2c5fb\u003c/code\u003e\u003c/a\u003e 4.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/33330fa8616b9b33f29f7674747be77266878ba6\"\u003e\u003ccode\u003e33330fa\u003c/code\u003e\u003c/a\u003e 4.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/98df33ed9d5215c1d801b74e6ab00969759a6839\"\u003e\u003ccode\u003e98df33e\u003c/code\u003e\u003c/a\u003e remove istanbul\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/bf2f574c3e588ce4b660bf4e392e7a5e788640c0\"\u003e\u003ccode\u003ebf2f574\u003c/code\u003e\u003c/a\u003e fixes \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/987\"\u003e#987\u003c/a\u003e fallback to localStorage.DEBUG if debug is not defined (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/988\"\u003e#988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/a0497bd46dacb701437f62cfc065dc72bf0952c7\"\u003e\u003ccode\u003ea0497bd\u003c/code\u003e\u003c/a\u003e Replace whitespaces in namespaces string with commas globally instead of just...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/7e3814cc603bf64fdd69e714e0cf5611ec31f43b\"\u003e\u003ccode\u003e7e3814c\u003c/code\u003e\u003c/a\u003e 4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/d2d6bf0bab3a0eeeb3a9ce7113cb0a31d8da678f\"\u003e\u003ccode\u003ed2d6bf0\u003c/code\u003e\u003c/a\u003e fix inefficient .enable() regex and .enabled() test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/bc60914816e5e45a5fff1cd638410438fc317521\"\u003e\u003ccode\u003ebc60914\u003c/code\u003e\u003c/a\u003e 4.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/c63e96e6495cdb8e15d2affa8dad105c48a21c92\"\u003e\u003ccode\u003ec63e96e\u003c/code\u003e\u003c/a\u003e Upgrade ms to version 2.1.3 (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/382864a45a782a84b29e457211c27704df77a75f\"\u003e\u003ccode\u003e382864a\u003c/code\u003e\u003c/a\u003e remove archaic badges from readme\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/debug-js/debug/compare/2.2.0...4.4.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~qix\"\u003eqix\u003c/a\u003e, a new releaser for debug since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fsevents` from 1.2.4 to 2.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fsevents/fsevents/releases\"\u003efsevents's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v2.3.3\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.3.3\u003c/p\u003e\n\u003ch2\u003eRelease v2.3.2\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.3.2\u003c/p\u003e\n\u003ch2\u003eRelease v2.3.1\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.3.1\u003c/p\u003e\n\u003cp\u003eRelease contains universal binary for x86 \u0026amp; amd64 (m1) chips\u003c/p\u003e\n\u003ch2\u003eRelease v2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.2.2\u003c/p\u003e\n\u003cp\u003eUniversal Binary Support x86-64 \u0026amp; amd64(m1)\u003c/p\u003e\n\u003ch2\u003eRelease v2.2.0\u003c/h2\u003e\n\u003cp\u003eElectron Enabled (no static functions/variables)\u003c/p\u003e\n\u003ch2\u003eRelease v1.2.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eRelease v2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003cp\u003eLatest stable release\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.6\u003c/h2\u003e\n\u003cp\u003eInclude essential files only.\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.5\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.3\u003c/h2\u003e\n\u003cp\u003eMoved NAPI version out of experimental.\u003c/p\u003e\n\u003ch2\u003eNAPI release\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003edeprecated\u003c/h2\u003e\n\u003cp\u003eFixing the API for chokidar since it was calling FSEvents as a constructor\u003c/p\u003e\n\u003ch2\u003edeprecated\u003c/h2\u003e\n\u003cp\u003eWe have upgraded to N-API. For that reason we have also dropped support for node \u0026lt; 6.\u003c/p\u003e\n\u003cp\u003eFor that reason, we have made this a major version bump so dependents have to opt in. The actual API remains entirely the same, so if you are depending on \u003cem\u003efsevents\u003c/em\u003e, it should be as simple as changing the version number in your \u003ccode\u003epackage.json\u003c/code\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/2db891e51aa0f2975c5eaaf6aa30f13d720a830a\"\u003e\u003ccode\u003e2db891e\u003c/code\u003e\u003c/a\u003e Release v2.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/8ec87bf026f476d7f8c1c84ec2400bc4a9834378\"\u003e\u003ccode\u003e8ec87bf\u003c/code\u003e\u003c/a\u003e Update nodejs.yml (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/392\"\u003e#392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/c20c3af6adfa98d8160a569be4b02180ab3af9aa\"\u003e\u003ccode\u003ec20c3af\u003c/code\u003e\u003c/a\u003e readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/63709df0fd91549050e2e3f38b1695f49f6387a8\"\u003e\u003ccode\u003e63709df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/384\"\u003e#384\u003c/a\u003e from aleksanb/subdirs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/a77340f4f96a6e02cd5bfabaaebd4e10535ee533\"\u003e\u003ccode\u003ea77340f\u003c/code\u003e\u003c/a\u003e Handle MustScanSubDirs for large projects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/66be5194c536a4a394a963ab5034696f9059fbab\"\u003e\u003ccode\u003e66be519\u003c/code\u003e\u003c/a\u003e Update README.md (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/2f2a85852feb4dd20c74ba6e36529e712807f543\"\u003e\u003ccode\u003e2f2a858\u003c/code\u003e\u003c/a\u003e Update README.md (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/364\"\u003e#364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/a7f5d00939b74e141a73131468c4ce48ee0f2197\"\u003e\u003ccode\u003ea7f5d00\u003c/code\u003e\u003c/a\u003e Release v2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/fab136ace9f7f7a7a7856c2d684956aeac938856\"\u003e\u003ccode\u003efab136a\u003c/code\u003e\u003c/a\u003e fix: issue \u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/355\"\u003e#355\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/356\"\u003e#356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/328ae396700969fd8345f13cc4fb88c495517cd9\"\u003e\u003ccode\u003e328ae39\u003c/code\u003e\u003c/a\u003e Release v2.3.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fsevents/fsevents/compare/v1.2.4...v2.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003einstall\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.12.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.2.0] - 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003edocs/safety.md\u003c/code\u003e with notes about processing untrusted YAML.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxDepth\u003c/code\u003e (100) loader option. Not a problem, but gives a better\nexception instead of RangeError on stack overflow.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxMergeSeqLength\u003c/code\u003e (20) loader option. Not a problem after \u003ccode\u003emerge\u003c/code\u003e fix,\nbut an additional restriction for safety.\u003c/li\u003e\n\u003cli\u003eAdded sourcemaps to \u003ccode\u003edist/\u003c/code\u003e builds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStop resolving numbers with underscores as numeric scalars, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/627\"\u003e#627\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eSwitched dev toolchains to Vite / neostandard.\u003c/li\u003e\n\u003cli\u003eUpdated demo.\u003c/li\u003e\n\u003cli\u003eReorganized tests.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edist/\u003c/code\u003e files are no longer kept in the repository.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix parsing of properties on the first implicit block mapping key, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/62\"\u003e#62\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix trailing whitespace handling when folding flow scalar lines, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReject top-level block scalars without content indentation, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/280\"\u003e#280\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsure numbers survive round-trip, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/737\"\u003e#737\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix test coverage for issue \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/221\"\u003e#221\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix flow scalar trailing whitespace folding, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix digits in YAML named tag handles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential DoS via quadratic complexity in merge - deduplicate repeated\nelements (makes sense for malformed files \u0026gt; 10K).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ms` from 0.7.1 to 2.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ms/releases\"\u003ems's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRename zeit to vercel: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/151\"\u003e#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 4.12.1 to 4.18.2: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/122\"\u003e#122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd prettier as a dev dependency: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/135\"\u003e#135\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vercel/ms/issues/153\"\u003e#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse GitHub Actions CI: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/154\"\u003e#154\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/getsnoopy\"\u003e\u003ccode\u003e@​getsnoopy\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed negative decimals less than -10 don\u0026amp;\u003ca href=\"https://redirect.github.com/vercel/ms/issues/39\"\u003e#39\u003c/a\u003e;t work: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/111\"\u003e#111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport error in case of Infinity: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/116\"\u003e#116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate regexp for \u003ccode\u003e10-.5\u003c/code\u003e is invalid input: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/117\"\u003e#117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate chat badge: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/119\"\u003e#119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/yuler\"\u003e\u003ccode\u003e@​yuler\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/7ma7X\"\u003e\u003ccode\u003e@​7ma7X\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd full support for negative numbers: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/104\"\u003e#104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/thevtm\"\u003e\u003ccode\u003e@​thevtm\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u0026quot;week\u0026quot; / \u0026quot;w\u0026quot; support: a2caead13ac7f9931338a1a51ab4e36ddb505e00\u003c/li\u003e\n\u003cli\u003eFixed match regex to support negative numbers: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/96\"\u003e#96\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApplied a few text improvements: 15dc8c5b5a9e8372555400485a749ec04cc02444\u003c/li\u003e\n\u003cli\u003eFixed spelling of “millisecond” in description: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/95\"\u003e#95\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLockfile added: 2425ebdefcdd1c2b726c06f6a65c4f2dea58dee7\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/yoavmmn\"\u003e\u003ccode\u003e@​yoavmmn\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/binki\"\u003e\u003ccode\u003e@​binki\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.0.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/1c6264b795492e8fdecbc82cb8802fcfbfc08d26\"\u003e\u003ccode\u003e1c6264b\u003c/code\u003e\u003c/a\u003e 2.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/82495ad75797223f11bd0c30427b3b5e94847e64\"\u003e\u003ccode\u003e82495ad\u003c/code\u003e\u003c/a\u003e Use GitHub Actions CI (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/1a13a88f8c74604a96be3f4930fefe9765ea3613\"\u003e\u003ccode\u003e1a13a88\u003c/code\u003e\u003c/a\u003e Run prettier 2.x (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/1048042000b85eb406ce0f261a39cadfc8e072a5\"\u003e\u003ccode\u003e1048042\u003c/code\u003e\u003c/a\u003e Add prettier as a dev dependency (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/135\"\u003e#135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/f2bfb40e7a245fcfa14d787c3c9e5cc3e5884332\"\u003e\u003ccode\u003ef2bfb40\u003c/code\u003e\u003c/a\u003e Rename zeit to vercel (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/adf1eb282d29fe3c405d205a3854177b86a97c1f\"\u003e\u003ccode\u003eadf1eb2\u003c/code\u003e\u003c/a\u003e Bump eslint from 4.12.1 to 4.18.2 (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/7920885eb232fbe7a5efdab956d3e7c507c92ddf\"\u003e\u003ccode\u003e7920885\u003c/code\u003e\u003c/a\u003e 2.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/199ff786421c00d0ffbb2f2ef9da52805d17fa57\"\u003e\u003ccode\u003e199ff78\u003c/code\u003e\u003c/a\u003e Update chat badge (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/d1add60365fe2340b750b1f7a254b83bea34e52d\"\u003e\u003ccode\u003ed1add60\u003c/code\u003e\u003c/a\u003e Update regexp for \u003ccode\u003e10-.5\u003c/code\u003e is invalid input (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/d95e17fd75a93708c8a3daf5bb07bf649cd5931c\"\u003e\u003ccode\u003ed95e17f\u003c/code\u003e\u003c/a\u003e Support error in case of Infinity (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/116\"\u003e#116\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ms/compare/0.7.1...2.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~styfle\"\u003estyfle\u003c/a\u003e, a new releaser for ms since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 4.3.6 to 7.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.3...v7.8.4\"\u003e7.8.4\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e583226b165edd6530502cf731eda334527af6fe\"\u003e\u003ccode\u003ee583226\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/874\"\u003e#874\u003c/a\u003e reject numeric segments after x-ranges (\u003ca href=\"https://github.com/pupuking723\"\u003e\u003ccode\u003e@​pupuking723\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.2...v7.8.3\"\u003e7.8.3\u003c/a\u003e (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/046da7f527cc72a482b5dea8cb59392be65bf186\"\u003e\u003ccode\u003e046da7f\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/872\"\u003e#872\u003c/a\u003e align caret includePrerelease lower bounds (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/wayyoungboy\"\u003e\u003ccode\u003e@​wayyoungboy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3485ddadb2ca0d0691392ee5ce620072e1b1e040\"\u003e\u003ccode\u003e3485dda\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/866\"\u003e#866\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 6.0.1 to 7.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/866\"\u003e#866\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.1...v7.8.2\"\u003e7.8.2\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/bea6028694a75e840f48b288ac019e9644cfe6e8\"\u003e\u003ccode\u003ebea6028\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/870\"\u003e#870\u003c/a\u003e increment dotted prerelease identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/liuzemei\"\u003e\u003ccode\u003e@​liuzemei\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/SheldonNeo\"\u003e\u003ccode\u003e@​SheldonNeo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.0...v7.8.1\"\u003e7.8.1\u003c/a\u003e (2026-05-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/17aa702d91166472b197a2ea768f085083bee2e4\"\u003e\u003ccode\u003e17aa702\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/869\"\u003e#869\u003c/a\u003e strip build metadata before comparator trimming (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/869\"\u003e#869\u003c/a\u003e) (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5f3ca133e040210b6ea80c350a1d61d9da02e722\"\u003e\u003ccode\u003e5f3ca13\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/867\"\u003e#867\u003c/a\u003e handle prerelease bounds in subset (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/867\"\u003e#867\u003c/a\u003e) (\u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e, Puneet Dixit)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.3...v7.8.4\"\u003e7.8.4\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e583226b165edd6530502cf731eda334527af6fe\"\u003e\u003ccode\u003ee583226\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/874\"\u003e#874\u003c/a\u003e reject numeric segments after x-ranges (\u003ca href=\"https://github.com/pupuking723\"\u003e\u003ccode\u003e@​pupuking723\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.2...v7.8.3\"\u003e7.8.3\u003c/a\u003e (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/046da7f527cc72a482b5dea8cb59392be65bf186\"\u003e\u003ccode\u003e046da7f\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/872\"\u003e#872\u003c/a\u003e align caret includePrerelease lower bounds (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/wayyoungboy\"\u003e\u003ccode\u003e@​wayyoungboy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3485ddadb2ca0d0691392ee5ce620072e1b1e040\"\u003e\u003ccode\u003e3485dda\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/866\"\u003e#866\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 6.0.1 to 7.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/866\"\u003e#866\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.1...v7.8.2\"\u003e7.8.2\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/bea6028694a75e840f48b288ac019e9644cfe6e8\"\u003e\u003ccode\u003ebea6028\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/870\"\u003e#870\u003c/a\u003e increment dotted prerelease identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/liuzemei\"\u003e\u003ccode\u003e@​liuzemei\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/SheldonNeo\"\u003e\u003ccode\u003e@​SheldonNeo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.0...v7.8.1\"\u003e7.8.1\u003c/a\u003e (2026-05-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/17aa702d91166472b197a2ea768f085083bee2e4\"\u003e\u003ccode\u003e17aa702\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/869\"\u003e#869\u003c/a\u003e strip build metadata before comparator trimming (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/869\"\u003e#869\u003c/a\u003e) (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5f3ca133e040210b6ea80c350a1d61d9da02e722\"\u003e\u003ccode\u003e5f3ca13\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/867\"\u003e#867\u003c/a\u003e handle prerelease bounds in subset (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/867\"\u003e#867\u003c/a\u003e) (\u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e, Puneet Dixit)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8640bd68f1653e504b53e9be4030eccdfe4c307a\"\u003e\u003ccode\u003e8640bd6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/875\"\u003e#875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e583226b165edd6530502cf731eda334527af6fe\"\u003e\u003ccode\u003ee583226\u003c/code\u003e\u003c/a\u003e fix: reject numeric segments after x-ranges\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6b77aa84a648a4b54ea32a21e6db60ebd54d5040\"\u003e\u003ccode\u003e6b77aa8\u003c/code\u003e\u003c/a\u003e chore: release 7.8.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/873\"\u003e#873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3485ddadb2ca0d0691392ee5ce620072e1b1e040\"\u003e\u003ccode\u003e3485dda\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 6.0.1 to 7.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/866\"\u003e#866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/046da7f527cc72a482b5dea8cb59392be65bf186\"\u003e\u003ccode\u003e046da7f\u003c/code\u003e\u003c/a\u003e fix: align caret includePrerelease lower bounds (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/872\"\u003e#872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efafcf8d029faa3d1ab74b5ec98d620112af859d\"\u003e\u003ccode\u003eefafcf8\u003c/code\u003e\u003c/a\u003e chore: release 7.8.2 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/871\"\u003e#871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/bea6028694a75e840f48b288ac019e9644cfe6e8\"\u003e\u003ccode\u003ebea6028\u003c/code\u003e\u003c/a\u003e fix: increment dotted prerelease identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/870\"\u003e#870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/76416081a8413383cf6e24c82cafa438bd076d41\"\u003e\u003ccode\u003e7641608\u003c/code\u003e\u003c/a\u003e chore: release 7.8.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/868\"\u003e#868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/17aa702d91166472b197a2ea768f085083bee2e4\"\u003e\u003ccode\u003e17aa702\u003c/code\u003e\u003c/a\u003e fix: strip build metadata before comparator trimming (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/869\"\u003e#869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5f3ca133e040210b6ea80c350a1d61d9da02e722\"\u003e\u003ccode\u003e5f3ca13\u003c/code\u003e\u003c/a\u003e fix: handle prerelease bounds in subset (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/867\"\u003e#867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v4.3.6...v7.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dreamteamprod/DigiScript/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/dreamteamprod/DigiScript/pull/1197","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreamteamprod%2FDigiScript/issues/1197","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1197/packages"},{"uuid":"4658463387","node_id":"PR_kwDOR6Hr587mNNTI","number":5,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 7 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-14T08:37:40.000Z","updated_at":"2026-06-14T08:38:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"@modelcontextprotocol/sdk","old_version":"1.18.0","new_version":"1.26.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"vitest","old_version":"3.2.4","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"smol-toml","old_version":"1.4.2","new_version":"1.6.1","repository_url":"https://github.com/squirrelchat/smol-toml"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@anthropic-ai/claude-code","old_version":"1.0.128","new_version":"2.1.84","repository_url":"https://github.com/anthropics/claude-code"},{"name":"esbuild","old_version":"0.25.9","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"@hono/node-server","old_version":"1.19.2","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"hono","old_version":"4.9.7","new_version":"4.12.21","repository_url":"https://github.com/honojs/hono"},{"name":"@react-router/node","old_version":"7.9.1","new_version":"7.9.4","repository_url":"https://github.com/remix-run/react-router"},{"name":"react-router","old_version":"7.9.1","new_version":"7.15.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"vite","old_version":"6.3.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"undici","old_version":"6.21.3","new_version":"6.24.0","repository_url":"https://github.com/nodejs/undici"},{"name":"minimatch","old_version":"10.0.3","new_version":"10.2.3","repository_url":"https://github.com/isaacs/minimatch"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"ip-address","old_version":"10.0.1","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"rollup","old_version":"4.50.1","new_version":"4.62.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"2.8.1","new_version":"2.9.0","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.18.0` | `1.26.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `3.2.6` |\n| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.4.2` | `1.6.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) | `1.0.128` | `2.1.84` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.9` | `0.28.1` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.19.2` | `1.19.13` |\n| [hono](https://github.com/honojs/hono) | `4.9.7` | `4.12.21` |\n| [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) | `7.9.1` | `7.9.4` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.9.1` | `7.15.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.6` | `6.4.2` |\n| [undici](https://github.com/nodejs/undici) | `6.21.3` | `6.24.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.3` | `10.2.3` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `10.0.1` | `10.2.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [rollup](https://github.com/rollup/rollup) | `4.50.1` | `4.62.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.16` |\n| [yaml](https://github.com/eemeli/yaml) | `2.8.1` | `2.9.0` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/commands/js-debugger directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/commands/npm-lookup directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/commands/ts-validate directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/commands/vitest directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 3 updates in the /packages/mcp directory: [uuid](https://github.com/uuidjs/uuid), [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/server directory: [esbuild](https://github.com/evanw/esbuild).\n\nUpdates `@modelcontextprotocol/sdk` from 1.18.0 to 1.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: trigger workflow on v1.x branch by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1319\"\u003emodelcontextprotocol/typescript-sdk#1319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: README badges links destinations by \u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1365\"\u003emodelcontextprotocol/typescript-sdk#1365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003espec types - backwards compatibility changes by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1306\"\u003emodelcontextprotocol/typescript-sdk#1306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for patch fix by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1307\"\u003emodelcontextprotocol/typescript-sdk#1307\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003elist changed handlers on client constructor by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1206\"\u003emodelcontextprotocol/typescript-sdk#1206\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRole - moved from inline to reusable type by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1221\"\u003emodelcontextprotocol/typescript-sdk#1221\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: use versioned npm tag for non-main branch releases by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1236\"\u003emodelcontextprotocol/typescript-sdk#1236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNo automatic completion support unless needed - Revisited yet again by \u003ca href=\"https://github.com/cliffhall\"\u003e\u003ccode\u003e@​cliffhall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1237\"\u003emodelcontextprotocol/typescript-sdk#1237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Support updating output schema by \u003ca href=\"https://github.com/vincent0426\"\u003e\u003ccode\u003e@​vincent0426\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1048\"\u003emodelcontextprotocol/typescript-sdk#1048\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/fe9c07b465871394c7069207c86513df9c1194a4\"\u003e\u003ccode\u003efe9c07b\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.26.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4f01e7e0708e1a85ccc7dbf39e850005f2d9ff03\"\u003e\u003ccode\u003e4f01e7e\u003c/code\u003e\u003c/a\u003e fix: add non-null assertions for optional setupServer fields in stateful test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a05be176cabeae1f933b676e3ce024bf02e2314d\"\u003e\u003ccode\u003ea05be17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/50d9fa3cd12e807e7963bcb9e1548786d3d5d941\"\u003e\u003ccode\u003e50d9fa3\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1442\"\u003e#1442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/aa81a66556fb4434d8a6d1b70f7ac9fc40b5d325\"\u003e\u003ccode\u003eaa81a66\u003c/code\u003e\u003c/a\u003e fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6aba0659654e1ff0699844524595922a61e44cb9\"\u003e\u003ccode\u003e6aba065\u003c/code\u003e\u003c/a\u003e chore: bump v1.25.3 for backport fixes (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1412\"\u003e#1412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6e8f7e1a43a819ae230373c62b82228dafd892c6\"\u003e\u003ccode\u003e6e8f7e1\u003c/code\u003e\u003c/a\u003e fix: prevent Hono from overriding global Response object (v1.x) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1411\"\u003e#1411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/12ae856cee6ca58499cce24e80f650e78a0c7610\"\u003e\u003ccode\u003e12ae856\u003c/code\u003e\u003c/a\u003e [v1.x backport] Use correct schema for client sampling validation when tools ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3\"\u003e\u003ccode\u003eb392f02\u003c/code\u003e\u003c/a\u003e fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1365\"\u003e#1365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0c9b13484748acab9e5dc8317a7e89c06b52e37\"\u003e\u003ccode\u003ea0c9b13\u003c/code\u003e\u003c/a\u003e fix: README badges links destinations (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/907\"\u003e#907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.18.0...v1.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `smol-toml` from 1.4.2 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/squirrelchat/smol-toml/releases\"\u003esmol-toml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cp\u003eThis release addresses a minor security vulnerability where an attacker-controlled TOML document can exploit an unrestricted recustion and cause a stack overflow error with a document that contains thousands of sucessive commented lines. Security advisory: \u003ca href=\"https://github.com/advisories/GHSA-v3rj-xjv7-4jmq\"\u003eGHSA-v3rj-xjv7-4jmq\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cp\u003eAs of this version, smol-toml now supports the newly released TOML 1.1.0 specification!\u003c/p\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003ch3\u003eMultiline inline tables\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 now allows inline tables to have newlines, as well as trailing commas.\u003c/p\u003e\n\u003cpre lang=\"toml\"\u003e\u003ccode\u003edatabase = {\r\n  driver = \u0026quot;postgresql\u0026quot;,\r\n  server = {\r\n    host = \u0026quot;127.0.0.1\u0026quot;,\r\n    port = 3307,\r\n  },\r\n}\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eOmitting seconds in datetime and time\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 renders the seconds component of time elements optional.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003edatetime-tz = 1979-05-27 07:32Z\r\ndatetime = 2001-09-21 10:17\r\ntime = 13:37\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eNew string escapes\u003c/h3\u003e\n\u003cp\u003eStrings now support 2 additional escape sequences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\\xHH\u003c/code\u003e for code points between 0 and 255\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e\\e\u003c/code\u003e for the escape character (\u003ccode\u003eU+001B\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: toml 1.1 support by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/pull/49\"\u003esquirrelchat/smol-toml#49\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cp\u003eHot fix for v1.5.1... 🙃\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: properly stringify arrays of tables by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cp\u003eSmol fix that makes newlines actually consistent when stringifying objects to TOML.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/072b64fd0094b1d7d3bb1a124d282828069a7aa0\"\u003e\u003ccode\u003e072b64f\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/19a5dc74cb49f9fe809dd73c2b8934b4192b8393\"\u003e\u003ccode\u003e19a5dc7\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f286f87778200504061a428b24d5e27ef5e1f360\"\u003e\u003ccode\u003ef286f87\u003c/code\u003e\u003c/a\u003e fix: don't use recursion in skipVoid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/399c54527643c97bbd58931f452325ab32456180\"\u003e\u003ccode\u003e399c545\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/06521caba8be8a7d67a7a9ed7f105134c2dce8b1\"\u003e\u003ccode\u003e06521ca\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/issues/49\"\u003e#49\u003c/a\u003e from squirrelchat/toml-110\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f3a68a76a4be2e4a0e9ed9add167b15591262ade\"\u003e\u003ccode\u003ef3a68a7\u003c/code\u003e\u003c/a\u003e fix: properly test \\e escape\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/9743a8645acef45711f87c0996a20051f262dbbd\"\u003e\u003ccode\u003e9743a86\u003c/code\u003e\u003c/a\u003e fix: properly run toml-test v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/1ec5303d56b8735a2ddf15a07f2cba1c1b4aa2e2\"\u003e\u003ccode\u003e1ec5303\u003c/code\u003e\u003c/a\u003e docs: toml 1.1.0 in the readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/8bc0e2bc709e4c54b87db2ce534b4411e2217b63\"\u003e\u003ccode\u003e8bc0e2b\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies, actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/24618dbac52bd2ff7145b2206f24a1ef14791885\"\u003e\u003ccode\u003e24618db\u003c/code\u003e\u003c/a\u003e feat: allow omitting seconds in datetime and time values\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.4.2...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for smol-toml since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 13.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@anthropic-ai/claude-code` from 1.0.128 to 2.1.84\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/claude-code/releases\"\u003e@​anthropic-ai/claude-code's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.84\u003c/h2\u003e\n\u003ch2\u003eWhat's changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded PowerShell tool for Windows as an opt-in preview. Learn more at \u003ca href=\"https://code.claude.com/docs/en/tools-reference#powershell-tool\"\u003ehttps://code.claude.com/docs/en/tools-reference#powershell-tool\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eANTHROPIC_DEFAULT_{OPUS,SONNET,HAIKU}_MODEL_SUPPORTS\u003c/code\u003e env vars to override effort/thinking capability detection for pinned default models for 3p (Bedrock, Vertex, Foundry), and \u003ccode\u003e_MODEL_NAME\u003c/code\u003e/\u003ccode\u003e_DESCRIPTION\u003c/code\u003e to customize the \u003ccode\u003e/model\u003c/code\u003e picker label\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCLAUDE_STREAM_IDLE_TIMEOUT_MS\u003c/code\u003e env var to configure the streaming idle watchdog threshold (default 90s)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eTaskCreated\u003c/code\u003e hook that fires when a task is created via \u003ccode\u003eTaskCreate\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWorktreeCreate\u003c/code\u003e hook support for \u003ccode\u003etype: \u0026quot;http\u0026quot;\u003c/code\u003e — return the created worktree path via \u003ccode\u003ehookSpecificOutput.worktreePath\u003c/code\u003e in the response JSON\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eallowedChannelPlugins\u003c/code\u003e managed setting for team/enterprise admins to define a channel plugin allowlist\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ex-client-request-id\u003c/code\u003e header to API requests for debugging timeouts\u003c/li\u003e\n\u003cli\u003eAdded idle-return prompt that nudges users returning after 75+ minutes to \u003ccode\u003e/clear\u003c/code\u003e, reducing unnecessary token re-caching on stale sessions\u003c/li\u003e\n\u003cli\u003eDeep links (\u003ccode\u003eclaude-cli://\u003c/code\u003e) now open in your preferred terminal instead of whichever terminal happens to be first in the detection list\u003c/li\u003e\n\u003cli\u003eRules and skills \u003ccode\u003epaths:\u003c/code\u003e frontmatter now accepts a YAML list of globs\u003c/li\u003e\n\u003cli\u003eMCP tool descriptions and server instructions are now capped at 2KB to prevent OpenAPI-generated servers from bloating context\u003c/li\u003e\n\u003cli\u003eMCP servers configured both locally and via claude.ai connectors are now deduplicated — the local config wins\u003c/li\u003e\n\u003cli\u003eBackground bash tasks that appear stuck on an interactive prompt now surface a notification after ~45 seconds\u003c/li\u003e\n\u003cli\u003eToken counts ≥1M now display as \u0026quot;1.5m\u0026quot; instead of \u0026quot;1512.6k\u0026quot;\u003c/li\u003e\n\u003cli\u003eGlobal system-prompt caching now works when \u003ccode\u003eToolSearch\u003c/code\u003e is enabled, including for users with MCP tools configured\u003c/li\u003e\n\u003cli\u003eFixed voice push-to-talk: holding the voice key no longer leaks characters into the text input, and transcripts now insert at the correct position\u003c/li\u003e\n\u003cli\u003eFixed up/down arrow keys being unresponsive when a footer item is focused\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCtrl+U\u003c/code\u003e (kill-to-line-start) being a no-op at line boundaries in multiline input, so repeated \u003ccode\u003eCtrl+U\u003c/code\u003e now clears across lines\u003c/li\u003e\n\u003cli\u003eFixed null-unbinding a default chord binding (e.g. \u003ccode\u003e\u0026quot;ctrl+x ctrl+k\u0026quot;: null\u003c/code\u003e) still entering chord-wait mode instead of freeing the prefix key\u003c/li\u003e\n\u003cli\u003eFixed mouse events inserting literal \u0026quot;mouse\u0026quot; text into transcript search input\u003c/li\u003e\n\u003cli\u003eFixed workflow subagents failing with API 400 when the outer session uses \u003ccode\u003e--json-schema\u003c/code\u003e and the subagent also specifies a schema\u003c/li\u003e\n\u003cli\u003eFixed missing background color behind certain emoji in user message bubbles on some terminals\u003c/li\u003e\n\u003cli\u003eFixed the \u0026quot;allow Claude to edit its own settings for this session\u0026quot; permission option not sticking for users with \u003ccode\u003eEdit(.claude)\u003c/code\u003e allow rules\u003c/li\u003e\n\u003cli\u003eFixed a hang when generating attachment snippets for large edited files\u003c/li\u003e\n\u003cli\u003eFixed MCP tool/resource cache leak on server reconnect\u003c/li\u003e\n\u003cli\u003eFixed a startup performance issue where partial clone repositories (Scalar/GVFS) triggered mass blob downloads\u003c/li\u003e\n\u003cli\u003eFixed native terminal cursor not tracking the text input caret, so IME composition (CJK input) now renders inline and screen readers can follow the input position\u003c/li\u003e\n\u003cli\u003eFixed spurious \u0026quot;Not logged in\u0026quot; errors on macOS caused by transient keychain read failures\u003c/li\u003e\n\u003cli\u003eFixed cold-start race where core tools could be deferred without their bypass active, causing Edit/Write to fail with InputValidationError on typed parameters\u003c/li\u003e\n\u003cli\u003eImproved detection for dangerous removals of Windows drive roots (\u003ccode\u003eC:\\\u003c/code\u003e, \u003ccode\u003eC:\\Windows\u003c/code\u003e, etc.)\u003c/li\u003e\n\u003cli\u003eImproved interactive startup by ~30ms by running \u003ccode\u003esetup()\u003c/code\u003e in parallel with slash command and agent loading\u003c/li\u003e\n\u003cli\u003eImproved startup for \u003ccode\u003eclaude \u0026quot;prompt\u0026quot;\u003c/code\u003e with MCP servers — the REPL now renders immediately instead of blocking until all servers connect\u003c/li\u003e\n\u003cli\u003eImproved Remote Control to show a specific reason when blocked instead of a generic \u0026quot;not yet enabled\u0026quot; message\u003c/li\u003e\n\u003cli\u003eImproved p90 prompt cache rate\u003c/li\u003e\n\u003cli\u003eReduced scroll-to-top resets in long sessions by making the message window immune to compaction and grouping changes\u003c/li\u003e\n\u003cli\u003eReduced terminal flickering when animated tool progress scrolls above the viewport\u003c/li\u003e\n\u003cli\u003eChanged issue/PR references to only become clickable links when written as \u003ccode\u003eowner/repo#123\u003c/code\u003e — bare \u003ccode\u003e[#123](https://github.com/anthropics/claude-code/issues/123)\u003c/code\u003e is no longer auto-linked\u003c/li\u003e\n\u003cli\u003eSlash commands unavailable for the current auth setup (\u003ccode\u003e/voice\u003c/code\u003e, \u003ccode\u003e/mobile\u003c/code\u003e, \u003ccode\u003e/chrome\u003c/code\u003e, \u003ccode\u003e/upgrade\u003c/code\u003e, etc.) are now hidden instead of shown\u003c/li\u003e\n\u003cli\u003e[VSCode] Added rate limit warning banner with usage percentage and reset time\u003c/li\u003e\n\u003cli\u003eStats screenshot (Ctrl+S in /stats) now works in all builds and is 16× faster\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.83\u003c/h2\u003e\n\u003ch2\u003eWhat's changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003emanaged-settings.d/\u003c/code\u003e drop-in directory alongside \u003ccode\u003emanaged-settings.json\u003c/code\u003e, letting separate teams deploy independent policy fragments that merge alphabetically\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCwdChanged\u003c/code\u003e and \u003ccode\u003eFileChanged\u003c/code\u003e hook events for reactive environment management (e.g., direnv)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esandbox.failIfUnavailable\u003c/code\u003e setting to exit with an error when sandbox is enabled but cannot start, instead of running unsandboxed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/claude-code's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.84\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded PowerShell tool for Windows as an opt-in preview. Learn more at \u003ca href=\"https://code.claude.com/docs/en/tools-reference#powershell-tool\"\u003ehttps://code.claude.com/docs/en/tools-reference#powershell-tool\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eANTHROPIC_DEFAULT_{OPUS,SONNET,HAIKU}_MODEL_SUPPORTS\u003c/code\u003e env vars to override effort/thinking capability detection for pinned default models for 3p (Bedrock, Vertex, Foundry), and \u003ccode\u003e_MODEL_NAME\u003c/code\u003e/\u003ccode\u003e_DESCRIPTION\u003c/code\u003e to customize the \u003ccode\u003e/model\u003c/code\u003e picker label\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCLAUDE_STREAM_IDLE_TIMEOUT_MS\u003c/code\u003e env var to configure the streaming idle watchdog threshold (default 90s)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eTaskCreated\u003c/code\u003e hook that fires when a task is created via \u003ccode\u003eTaskCreate\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWorktreeCreate\u003c/code\u003e hook support for \u003ccode\u003etype: \u0026quot;http\u0026quot;\u003c/code\u003e — return the created worktree path via \u003ccode\u003ehookSpecificOutput.worktreePath\u003c/code\u003e in the response JSON\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eallowedChannelPlugins\u003c/code\u003e managed setting for team/enterprise admins to define a channel plugin allowlist\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ex-client-request-id\u003c/code\u003e header to API requests for debugging timeouts\u003c/li\u003e\n\u003cli\u003eAdded idle-return prompt that nudges users returning after 75+ minutes to \u003ccode\u003e/clear\u003c/code\u003e, reducing unnecessary token re-caching on stale sessions\u003c/li\u003e\n\u003cli\u003eDeep links (\u003ccode\u003eclaude-cli://\u003c/code\u003e) now open in your preferred terminal instead of whichever terminal happens to be first in the detection list\u003c/li\u003e\n\u003cli\u003eRules and skills \u003ccode\u003epaths:\u003c/code\u003e frontmatter now accepts a YAML list of globs\u003c/li\u003e\n\u003cli\u003eMCP tool descriptions and server instructions are now capped at 2KB to prevent OpenAPI-generated servers from bloating context\u003c/li\u003e\n\u003cli\u003eMCP servers configured both locally and via claude.ai connectors are now deduplicated — the local config wins\u003c/li\u003e\n\u003cli\u003eBackground bash tasks that appear stuck on an interactive prompt now surface a notification after ~45 seconds\u003c/li\u003e\n\u003cli\u003eToken counts ≥1M now display as \u0026quot;1.5m\u0026quot; instead of \u0026quot;1512.6k\u0026quot;\u003c/li\u003e\n\u003cli\u003eGlobal system-prompt caching now works when \u003ccode\u003eToolSearch\u003c/code\u003e is enabled, including for users with MCP tools configured\u003c/li\u003e\n\u003cli\u003eFixed voice push-to-talk: holding the voice key no longer leaks characters into the text input, and transcripts now insert at the correct position\u003c/li\u003e\n\u003cli\u003eFixed up/down arrow keys being unresponsive when a footer item is focused\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCtrl+U\u003c/code\u003e (kill-to-line-start) being a no-op at line boundaries in multiline input, so repeated \u003ccode\u003eCtrl+U\u003c/code\u003e now clears across lines\u003c/li\u003e\n\u003cli\u003eFixed null-unbinding a default chord binding (e.g. \u003ccode\u003e\u0026quot;ctrl+x ctrl+k\u0026quot;: null\u003c/code\u003e) still entering chord-wait mode instead of freeing the prefix key\u003c/li\u003e\n\u003cli\u003eFixed mouse events inserting literal \u0026quot;mouse\u0026quot; text into transcript search input\u003c/li\u003e\n\u003cli\u003eFixed workflow subagents failing with API 400 when the outer session uses \u003ccode\u003e--json-schema\u003c/code\u003e and the subagent also specifies a schema\u003c/li\u003e\n\u003cli\u003eFixed missing background color behind certain emoji in user message bubbles on some terminals\u003c/li\u003e\n\u003cli\u003eFixed the \u0026quot;allow Claude to edit its own settings for this session\u0026quot; permission option not sticking for users with \u003ccode\u003eEdit(.claude)\u003c/code\u003e allow rules\u003c/li\u003e\n\u003cli\u003eFixed a hang when generating attachment snippets for large edited files\u003c/li\u003e\n\u003cli\u003eFixed MCP tool/resource cache leak on server reconnect\u003c/li\u003e\n\u003cli\u003eFixed a startup performance issue where partial clone repositories (Scalar/GVFS) triggered mass blob downloads\u003c/li\u003e\n\u003cli\u003eFixed native terminal cursor not tracking the text input caret, so IME composition (CJK input) now renders inline and screen readers can follow the input position\u003c/li\u003e\n\u003cli\u003eFixed spurious \u0026quot;Not logged in\u0026quot; errors on macOS caused by transient keychain read failures\u003c/li\u003e\n\u003cli\u003eFixed cold-start race where core tools could be deferred without their bypass active, causing Edit/Write to fail with InputValidationError on typed parameters\u003c/li\u003e\n\u003cli\u003eImproved detection for dangerous removals of Windows drive roots (\u003ccode\u003eC:\\\u003c/code\u003e, \u003ccode\u003eC:\\Windows\u003c/code\u003e, etc.)\u003c/li\u003e\n\u003cli\u003eImproved interactive startup by ~30ms by running \u003ccode\u003esetup()\u003c/code\u003e in parallel with slash command and agent loading\u003c/li\u003e\n\u003cli\u003eImproved startup for \u003ccode\u003eclaude \u0026quot;prompt\u0026quot;\u003c/code\u003e with MCP servers — the REPL now renders immediately instead of blocking until all servers connect\u003c/li\u003e\n\u003cli\u003eImproved Remote Control to show a specific reason when blocked instead of a generic \u0026quot;not yet enabled\u0026quot; message\u003c/li\u003e\n\u003cli\u003eImproved p90 prompt cache rate\u003c/li\u003e\n\u003cli\u003eReduced scroll-to-top resets in long sessions by making the message window immune to compaction and grouping changes\u003c/li\u003e\n\u003cli\u003eReduced terminal flickering when animated tool progress scrolls above the viewport\u003c/li\u003e\n\u003cli\u003eChanged issue/PR references to only become clickable links when written as \u003ccode\u003eowner/repo#123\u003c/code\u003e — bare \u003ccode\u003e[#123](https://github.com/anthropics/claude-code/issues/123)\u003c/code\u003e is no longer auto-linked\u003c/li\u003e\n\u003cli\u003eSlash commands unavailable for the current auth setup (\u003ccode\u003e/voice\u003c/code\u003e, \u003ccode\u003e/mobile\u003c/code\u003e, \u003ccode\u003e/chrome\u003c/code\u003e, \u003ccode\u003e/upgrade\u003c/code\u003e, etc.) are now hidden instead of shown\u003c/li\u003e\n\u003cli\u003e[VSCode] Added rate limit warning banner with usage percentage and reset time\u003c/li\u003e\n\u003cli\u003eStats screenshot (Ctrl+S in /stats) now works in all builds and is 16× faster\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.83\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003emanaged-settings.d/\u003c/code\u003e drop-in directory alongside \u003ccode\u003emanaged-settings.json\u003c/code\u003e, letting separate teams deploy independent policy fragments that merge alphabetically\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCwdChanged\u003c/code\u003e and \u003ccode\u003eFileChanged\u003c/code\u003e hook events for reactive environment management (e.g., direnv)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esandbox.failIfUnavailable\u003c/code\u003e setting to exit with an error when sandbox is enabled but cannot start, instead of running unsandboxed\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003edisableDeepLinkRegistration\u003c/code\u003e setting to prevent \u003ccode\u003eclaude-cli://\u003c/code\u003e protocol handler registration\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCLAUDE_CODE_SUBPROCESS_ENV_SCRUB=1\u003c/code\u003e to strip Anthropic and cloud provider credentials from subprocess environments (Bash tool, hooks, MCP stdio servers)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/anthropics/claude-code/commits/v2.1.84\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.9 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.9...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.19.2 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Fix for hono issue 4563 - incorrect content-length after following symlink by \u003ca href=\"https://github.com/tshmieldev\"\u003e\u003ccode\u003e@​tshmieldev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/290\"\u003ehonojs/node-server#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/455015be1697dd89974a68b70350ea7b2d126d2e\"\u003e\u003ccode\u003e455015b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cc05c48d8eb34007d5d5ff3861ea554721387041\"\u003e\u003ccode\u003ecc05c48\u003c/code\u003e\u003c/a\u003e chore: add benchmark for comparing with npm and local (dev) (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/305\"\u003e#305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.2...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.9.7 to 4.12.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.20\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(route): preserve the base path of the mounted route() app by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4942\"\u003ehonojs/hono#4942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(jsx): widen jsx and jsxFn children to Child[] by \u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.20\"\u003ehttps://github.com/honojs/hono/compare/v4.12.19...v4.12.20\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.19\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: pin GitHub Actions to SHAs by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4932\"\u003ehonojs/hono#4932\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serveStatic): make options parameter optional in all adapters by \u003ca href=\"https://github.com/mixelburg\"\u003e\u003ccode\u003e@​mixelburg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4934\"\u003ehonojs/hono#4934\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cookie): return the first cookie when there are multiple cookies with the same name by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4922\"\u003ehonojs/hono#4922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(bearer-auth): make bearerAuth generic for typed context in verifyToken by \u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(cache): key cache entries by configured vary headers by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4915\"\u003ehonojs/hono#4915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(request): add \u003ccode\u003ebytes()\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4921\"\u003ehonojs/hono#4921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stream): upgrade \u003ccode\u003e@hono/node-server\u003c/code\u003e to v2 and fix abort handling by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4940\"\u003ehonojs/hono#4940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.18...v4.12.19\"\u003ehttps://github.com/honojs/hono/compare/v4.12.18...v4.12.19\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a83ddb882e0c0b8c336050dba087bb2e1b12488e\"\u003e\u003ccode\u003ea83ddb8\u003c/code\u003e\u003c/a\u003e 4.12.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1\"\u003e\u003ccode\u003e6cbb025\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c831020fb1fa2e929d222f6c84e1abfe013e512b\"\u003e\u003ccode\u003ec831020\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/905aedbc20661e0e2fa378783a7ec44a5c3df43d\"\u003e\u003ccode\u003e905aedb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/5463db2735476959b8af67756f4e513f4fe19115\"\u003e\u003ccode\u003e5463db2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c657a39ccc8d3194d345d9e82c8587bd25b5b6e8\"\u003e\u003ccode\u003ec657a39\u003c/code\u003e\u003c/a\u003e 4.12.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/eb2d0c238adbcee5933d0f8c15f1a65a88f50565\"\u003e\u003ccode\u003eeb2d0c2\u003c/code\u003e\u003c/a\u003e fix(jsx): widen jsx and jsxFn children to Child[] (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4947\"\u003e#4947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/dcabbece347817ef7193439c39d28546b...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across the monorepo for security fixes and stability. Highlights include `@modelcontextprotocol/sdk@1.26`, `hono`/`@hono/node-server`, `esbuild@0.28`, `ws@8.20`, `uuid@14`, and web tooling updates (`react-router`, `vite`).\n\n- **Dependencies**\n  - `@modelcontextprotocol/sdk@1.26` fixes a cross-client response leak and updates auth/schema handling.\n  - `esbuild@0.28` patches dev-server path traversal and adds integrity checks.\n  - `ws@8.20.1` fixes an uninitialized memory disclosure in `websocket.close()`.\n  - `hono@4.12.21` and `@hono/node-server` include multiple security fixes; server package targets `@hono/node-server@2.x`.\n  - `uuid@14` drops Node 18 and expects a global `crypto` (requires Node 20+).\n  - Web stack bumps: `react-router` 7.15, `@react-router/node` 7.9.4, `vite` 6.4.2.\n\n- **Migration**\n  - Ensure Node 20+ in dev, CI, and production (required by `uuid@14`).\n  - After update: clean install and rebuild (e.g., `rm -rf node_modules \u0026\u0026 yarn \u0026\u0026 yarn build`) and verify server startup and streaming paths with the new `@hono/node-server`.\n\n\u003csup\u003eWritten for commit b739c6d9b91dfb42cfc480d747bb5e6072cea929. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/Prekzursil/mcp-funnel/pull/5?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Prekzursil/mcp-funnel/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prekzursil%2Fmcp-funnel/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4658002667","node_id":"PR_kwDOQBu2287mL2Vh","number":15,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-14T05:12:21.000Z","updated_at":"2026-06-14T05:13:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"esbuild","old_version":"0.25.6","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"3.2.4","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"glob","old_version":"10.4.5","new_version":"13.0.6","repository_url":"https://github.com/isaacs/node-glob"},{"name":"glob","old_version":"11.0.3","new_version":"11.1.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"tar","old_version":"7.5.1","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@modelcontextprotocol/sdk","old_version":"1.15.1","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"undici","old_version":"7.15.0","new_version":"7.27.2","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"jws","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.6` | `0.28.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `4.1.8` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `13.0.6` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.3` | `11.1.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.1` | `7.5.16` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.15.1` | `1.29.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [undici](https://github.com/nodejs/undici) | `7.15.0` | `7.27.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff).\nBumps the npm_and_yarn group with 1 update in the /packages/vscode-ide-companion directory: [esbuild](https://github.com/evanw/esbuild).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.6 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.6...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 13.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.3 to 11.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.1 to 7.5.16\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/cf213384ac558b539c07c830ed7cca5ffc9e8550\"\u003e\u003ccode\u003ecf21338\u003c/code\u003e\u003c/a\u003e 7.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/21a822027658c8063542be330530bbecdf0dbbfe\"\u003e\u003ccode\u003e21a8220\u003c/code\u003e\u003c/a\u003e do not apply PAX header fields to meta entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/52632cf38fdbdbbc7ab86184d68a85b11fdb0970\"\u003e\u003ccode\u003e52632cf\u003c/code\u003e\u003c/a\u003e update project deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/302f51ff3f8eefeccc06be4caf7d0de9b7c321d7\"\u003e\u003ccode\u003e302f51f\u003c/code\u003e\u003c/a\u003e fix inconsequential typo in PENDINGLINKS symbol name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/55dbb99b27640bb12b2ac059b26883c23523b3e3\"\u003e\u003ccode\u003e55dbb99\u003c/code\u003e\u003c/a\u003e remove some uses of mutate-fs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.1...v7.5.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.15.1 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to...\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/gemini-cli/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fgemini-cli/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4656868486","node_id":"PR_kwDOQ5tu8c7mIfeM","number":23,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T05:14:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-13T20:37:36.000Z","updated_at":"2026-06-14T05:14:40.000Z","time_to_close":31022,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"esbuild","old_version":"0.25.6","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"1.6.1","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"tar","old_version":"7.5.2","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@modelcontextprotocol/sdk","old_version":"1.23.0","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"undici","old_version":"7.15.0","new_version":"7.27.2","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"vite","old_version":"7.2.2","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"@isaacs/brace-expansion","old_version":"5.0.0","new_version":"5.0.1"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"jws","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"rollup","old_version":"4.53.2","new_version":"4.62.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 21 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.6` | `0.28.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.1` | `3.2.6` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.2` | `7.5.11` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.23.0` | `1.29.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [undici](https://github.com/nodejs/undici) | `7.15.0` | `7.27.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.2.2` | `7.3.2` |\n| @isaacs/brace-expansion | `5.0.0` | `5.0.1` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [rollup](https://github.com/rollup/rollup) | `4.53.2` | `4.62.0` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.6 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.6...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 1.6.1 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse correct path for optimisation of strip-literal  -  by \u003ca href=\"https://github.com/mrginglymus\"\u003e\u003ccode\u003e@​mrginglymus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8139\"\u003evitest-dev/vitest#8139\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/44940d9dd\"\u003e\u003c!-- raw HTML omitted --\u003e(44940)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrint uint and buffer as a simple string  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8141\"\u003evitest-dev/vitest#8141\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b86bf0d99\"\u003e\u003c!-- raw HTML omitted --\u003e(b86bf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eShow a helpful error when spying on an export  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8178\"\u003evitest-dev/vitest#8178\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5600772c2\"\u003e\u003c!-- raw HTML omitted --\u003e(56007)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evitest run --watch\u003c/code\u003e should be watch-mode  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8128\"\u003evitest-dev/vitest#8128\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/657e83f9f\"\u003e\u003c!-- raw HTML omitted --\u003e(657e8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse absolute path environment on Windows  -  by \u003ca href=\"https://github.com/colinaaa\"\u003e\u003ccode\u003e@​colinaaa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8105\"\u003evitest-dev/vitest#8105\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/85dc0195f\"\u003e\u003c!-- raw HTML omitted --\u003e(85dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThrow error when \u003ccode\u003e--shard x/\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8112\"\u003evitest-dev/vitest#8112\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20\"\u003e\u003c!-- raw HTML omitted --\u003e(8a18c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eIgnore SCSS in browser mode  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8161\"\u003evitest-dev/vitest#8161\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f63\"\u003e\u003c!-- raw HTML omitted --\u003e(0c3be)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eUpdate all non-major dependencies  -  in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8123\"\u003evitest-dev/vitest#8123\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e4\"\u003e\u003c!-- raw HTML omitted --\u003e(93f32)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexpect\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eHandle async errors in expect.soft  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8145\"\u003evitest-dev/vitest#8145\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/686996912\"\u003e\u003c!-- raw HTML omitted --\u003e(68699)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epool\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAuto-adjust \u003ccode\u003eminWorkers\u003c/code\u003e when only \u003ccode\u003emaxWorkers\u003c/code\u003e specified  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8110\"\u003evitest-dev/vitest#8110\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/14dc0724f\"\u003e\u003c!-- raw HTML omitted --\u003e(14dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereporter\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etask.meta\u003c/code\u003e should be available in custom reporter's errors  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8115\"\u003evitest-dev/vitest#8115\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/27df68a0e\"\u003e\u003c!-- raw HTML omitted --\u003e(27df6)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003ePreserve handler wrapping on extend  -  by \u003ca href=\"https://github.com/pengooseDev\"\u003e\u003ccode\u003e@​pengooseDev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8153\"\u003evitest-dev/vitest#8153\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a92812b70\"\u003e\u003c!-- raw HTML omitted --\u003e(a9281)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eEnsure ui config option works correctly  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8147\"\u003evitest-dev/vitest#8147\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/42eeb2ee6\"\u003e\u003c!-- raw HTML omitted --\u003e(42eeb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.3...v3.2.4\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.3\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Use base url instead of \u003cstrong\u003evitest\u003c/strong\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8126\"\u003evitest-dev/vitest#8126\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d8ebf9ae\"\u003e\u003c!-- raw HTML omitted --\u003e(1d8eb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c666d149a4516761bae92ca56ce1336d2fd352c3\"\u003e\u003ccode\u003ec666d14\u003c/code\u003e\u003c/a\u003e chore: release v3.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20a19f2c8d9f402e426886999f378c389\"\u003e\u003ccode\u003e8a18c8e\u003c/code\u003e\u003c/a\u003e fix(cli): throw error when \u003ccode\u003e--shard x/\\\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8abd7cc6fff5fa47d899b5f5383f526d2fdef784\"\u003e\u003ccode\u003e8abd7cc\u003c/code\u003e\u003c/a\u003e chore(deps): update \u003ccode\u003etinypool\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8174\"\u003e#8174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e452874ed4e2d018718bbbde7ebd28590\"\u003e\u003ccode\u003e93f3200\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8123\"\u003e#8123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f637d65ef47f2fcf2ccd637f1ecc9d1786\"\u003e\u003ccode\u003e0c3be6f\u003c/code\u003e\u003c/a\u003e fix(coverage): ignore SCSS in browser mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8161\"\u003e#8161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.2 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.23.0 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.29.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1820\"\u003emodelcontextprotocol/typescript-sdk#1820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e12cbd7078db388152f6e839abdbe09ba01f3f32\"\u003e\u003ccode\u003ee12cbd7\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.29.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1820\"\u003e#1820\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/3913fd4443a86536155e3ebef9edd2045c372c1e\"\u003e\u003ccode\u003e3913fd4\u003c/code\u003e\u003c/a\u003e fix(stdio): always set windowsHide on Windows, not just in Electron (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1640\"\u003e#1640\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5608e78dd0d4ca6cd7dd03278419578f1780365a\"\u003e\u003ccode\u003e5608e78\u003c/code\u003e\u003c/a\u003e [v1.x backport] Allow servers / clients to advertise extensions in the capabi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/7213816788e634ffb9d09affe50f0295093bfb73\"\u003e\u003ccode\u003e7213816\u003c/code\u003e\u003c/a\u003e v1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/364f38ca2d8895aed7c37b7a0a1031bb7ae4841c\"\u003e\u003ccode\u003e364f38c\u003c/code\u003e\u003c/a\u003e v1.x npm audit fix (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1780\"\u003e#1780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c95cc0943b045517e4cc414baf1f168b216c3142\"\u003e\u003ccode\u003ec95cc09\u003c/code\u003e\u003c/a\u003e Add typings exports (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/ddadaa6cc633fb5db0c094bf031b15b68a357820\"\u003e\u003ccode\u003eddadaa6\u003c/code\u003e\u003c/a\u003e [v1.x] fix: add missing size field to ResourceSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1575\"\u003e#1575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2a158513028d9f862c4188b6957e78cd5663f26b\"\u003e\u003ccode\u003e2a15851\u003c/code\u003e\u003c/a\u003e [v1.x] fix: disallow null (infinite) requested TTL (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1339\"\u003e#1339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/13e30f1d36de8442417fec695983bdb155c00768\"\u003e\u003ccode\u003e13e30f1\u003c/code\u003e\u003c/a\u003e fix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.23.0...v1.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/is...\n\n_Description has been truncated_","html_url":"https://github.com/cosmiccareer/terminai/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cosmiccareer%2Fterminai/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"},{"uuid":"4656868166","node_id":"PR_kwDOQ8daQ87mIfaP","number":9,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T20:37:29.000Z","updated_at":"2026-06-13T20:38:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"esbuild","old_version":"0.25.6","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"1.6.1","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"@modelcontextprotocol/sdk","old_version":"1.25.1","new_version":"1.26.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"tar","old_version":"7.5.2","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"6.22.0","new_version":"6.24.0","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"markdown-it","old_version":"14.1.0","new_version":"14.1.1","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"rollup","old_version":"4.44.0","new_version":"4.62.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.6` | `0.28.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.1` | `3.2.6` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.25.1` | `1.26.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.2` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `6.22.0` | `6.24.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `14.1.0` | `14.1.1` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.15` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [rollup](https://github.com/rollup/rollup) | `4.44.0` | `4.62.0` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 2 updates in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff) and [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 2 updates in the /packages/sdk-typescript directory: [esbuild](https://github.com/evanw/esbuild) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.6 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.6...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 1.6.1 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse correct path for optimisation of strip-literal  -  by \u003ca href=\"https://github.com/mrginglymus\"\u003e\u003ccode\u003e@​mrginglymus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8139\"\u003evitest-dev/vitest#8139\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/44940d9dd\"\u003e\u003c!-- raw HTML omitted --\u003e(44940)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrint uint and buffer as a simple string  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8141\"\u003evitest-dev/vitest#8141\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b86bf0d99\"\u003e\u003c!-- raw HTML omitted --\u003e(b86bf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eShow a helpful error when spying on an export  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8178\"\u003evitest-dev/vitest#8178\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5600772c2\"\u003e\u003c!-- raw HTML omitted --\u003e(56007)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evitest run --watch\u003c/code\u003e should be watch-mode  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8128\"\u003evitest-dev/vitest#8128\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/657e83f9f\"\u003e\u003c!-- raw HTML omitted --\u003e(657e8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse absolute path environment on Windows  -  by \u003ca href=\"https://github.com/colinaaa\"\u003e\u003ccode\u003e@​colinaaa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8105\"\u003evitest-dev/vitest#8105\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/85dc0195f\"\u003e\u003c!-- raw HTML omitted --\u003e(85dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThrow error when \u003ccode\u003e--shard x/\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8112\"\u003evitest-dev/vitest#8112\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20\"\u003e\u003c!-- raw HTML omitted --\u003e(8a18c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eIgnore SCSS in browser mode  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8161\"\u003evitest-dev/vitest#8161\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f63\"\u003e\u003c!-- raw HTML omitted --\u003e(0c3be)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eUpdate all non-major dependencies  -  in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8123\"\u003evitest-dev/vitest#8123\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e4\"\u003e\u003c!-- raw HTML omitted --\u003e(93f32)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexpect\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eHandle async errors in expect.soft  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8145\"\u003evitest-dev/vitest#8145\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/686996912\"\u003e\u003c!-- raw HTML omitted --\u003e(68699)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epool\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAuto-adjust \u003ccode\u003eminWorkers\u003c/code\u003e when only \u003ccode\u003emaxWorkers\u003c/code\u003e specified  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8110\"\u003evitest-dev/vitest#8110\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/14dc0724f\"\u003e\u003c!-- raw HTML omitted --\u003e(14dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereporter\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etask.meta\u003c/code\u003e should be available in custom reporter's errors  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8115\"\u003evitest-dev/vitest#8115\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/27df68a0e\"\u003e\u003c!-- raw HTML omitted --\u003e(27df6)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003ePreserve handler wrapping on extend  -  by \u003ca href=\"https://github.com/pengooseDev\"\u003e\u003ccode\u003e@​pengooseDev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8153\"\u003evitest-dev/vitest#8153\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a92812b70\"\u003e\u003c!-- raw HTML omitted --\u003e(a9281)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eEnsure ui config option works correctly  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8147\"\u003evitest-dev/vitest#8147\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/42eeb2ee6\"\u003e\u003c!-- raw HTML omitted --\u003e(42eeb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.3...v3.2.4\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.3\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Use base url instead of \u003cstrong\u003evitest\u003c/strong\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8126\"\u003evitest-dev/vitest#8126\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d8ebf9ae\"\u003e\u003c!-- raw HTML omitted --\u003e(1d8eb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c666d149a4516761bae92ca56ce1336d2fd352c3\"\u003e\u003ccode\u003ec666d14\u003c/code\u003e\u003c/a\u003e chore: release v3.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20a19f2c8d9f402e426886999f378c389\"\u003e\u003ccode\u003e8a18c8e\u003c/code\u003e\u003c/a\u003e fix(cli): throw error when \u003ccode\u003e--shard x/\\\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8abd7cc6fff5fa47d899b5f5383f526d2fdef784\"\u003e\u003ccode\u003e8abd7cc\u003c/code\u003e\u003c/a\u003e chore(deps): update \u003ccode\u003etinypool\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8174\"\u003e#8174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e452874ed4e2d018718bbbde7ebd28590\"\u003e\u003ccode\u003e93f3200\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8123\"\u003e#8123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f637d65ef47f2fcf2ccd637f1ecc9d1786\"\u003e\u003ccode\u003e0c3be6f\u003c/code\u003e\u003c/a\u003e fix(coverage): ignore SCSS in browser mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8161\"\u003e#8161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.25.1 to 1.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: trigger workflow on v1.x branch by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1319\"\u003emodelcontextprotocol/typescript-sdk#1319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: README badges links destinations by \u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1365\"\u003emodelcontextprotocol/typescript-sdk#1365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/fe9c07b465871394c7069207c86513df9c1194a4\"\u003e\u003ccode\u003efe9c07b\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.26.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4f01e7e0708e1a85ccc7dbf39e850005f2d9ff03\"\u003e\u003ccode\u003e4f01e7e\u003c/code\u003e\u003c/a\u003e fix: add non-null assertions for optional setupServer fields in stateful test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a05be176cabeae1f933b676e3ce024bf02e2314d\"\u003e\u003ccode\u003ea05be17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/50d9fa3cd12e807e7963bcb9e1548786d3d5d941\"\u003e\u003ccode\u003e50d9fa3\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1442\"\u003e#1442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/aa81a66556fb4434d8a6d1b70f7ac9fc40b5d325\"\u003e\u003ccode\u003eaa81a66\u003c/code\u003e\u003c/a\u003e fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6aba0659654e1ff0699844524595922a61e44cb9\"\u003e\u003ccode\u003e6aba065\u003c/code\u003e\u003c/a\u003e chore: bump v1.25.3 for backport fixes (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1412\"\u003e#1412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6e8f7e1a43a819ae230373c62b82228dafd892c6\"\u003e\u003ccode\u003e6e8f7e1\u003c/code\u003e\u003c/a\u003e fix: prevent Hono from overriding global Response object (v1.x) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1411\"\u003e#1411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/12ae856cee6ca58499cce24e80f650e78a0c7610\"\u003e\u003ccode\u003e12ae856\u003c/code\u003e\u003c/a\u003e [v1.x backport] Use correct schema for client sampling validation when tools ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3\"\u003e\u003ccode\u003eb392f02\u003c/code\u003e\u003c/a\u003e fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1365\"\u003e#1365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0c9b13484748acab9e5dc8317a7e89c06b52e37\"\u003e\u003ccode\u003ea0c9b13\u003c/code\u003e\u003c/a\u003e fix: README badges links destinations (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/907\"\u003e#907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/6fc2aa6b7672af08774b50aae00d97b99c5b5715\"\u003e\u003ccode\u003e6fc2aa6\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/af7393ac3404565dc8da655c2e7aeeed28c01ff7\"\u003e\u003ccode\u003eaf7393a\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4b5d1800370bf29b61a3378fb8086aeb231d3ef7\"\u003e\u003ccode\u003e4b5d180\u003c/code\u003e\u003c/a\u003e Fix another bug in diffWords's \u0026quot;intlSegmenter\u0026quot; mode (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/10da50c466709e7bd4b192dac96af0af46f8b7bd\"\u003e\u003ccode\u003e10da50c\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/666\"\u003e#666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/7.0.0...v9.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shell-quote` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md\"\u003eshell-quote's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ev1.8.4\u003c/a\u003e - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes \u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/ljharb/shell-quote/commit/9f3caa31900cc6ee64858b31134144c648ce206d\"\u003e\u003ccode\u003e9f3caa3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/ljharb/shell-quote/commit/3344a047dd1e95f71c4ca27522cbfd05c56277e0\"\u003e\u003ccode\u003e3344a04\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/699c5113d135f4d4591574bebf173334ffa453d4\"\u003e\u003ccode\u003e699c511\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/ff166e2b63eb5f932bd131a8886a99e9afdf45ae\"\u003e\u003ccode\u003eff166e2\u003c/code\u003e\u003c/a\u003e v1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, `npmig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/9f3caa31900cc6ee64858b31134144c648ce206d\"\u003e\u003ccode\u003e9f3caa3\u003c/code\u003e\u003c/a\u003e [Tests] increase coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/3344a047dd1e95f71c4ca27522cbfd05c56277e0\"\u003e\u003ccode\u003e3344a04\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/699c5113d135f4d4591574bebf173334ffa453d4\"\u003e\u003ccode\u003e699c511\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.2 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.22.0 to 6.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1527: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1527\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-2229: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-2229\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-2229\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1526: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1526\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1526\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/411bd01a42e7917009bbf686f7628b99d67bbce9\"\u003e\u003ccode\u003e411bd01\u003c/code\u003e\u003c/a\u003e test(websocket): use node:assert for Node 18 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/844bf59699d778944f78a24ae819c0e8f295766e\"\u003e\u003ccode\u003e844bf59\u003c/code\u003e\u003c/a\u003e test: fix http2 lint regressions in backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a444e4f13e8958b4e1ac42bc0d53ace7fba0a9c1\"\u003e\u003ccode\u003ea444e4f\u003c/code\u003e\u003c/a\u003e test: stabilize h2 and tls-cert-leak under current test runner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/dc032a1050d5489b8ce9b4c22aafba98a942f87b\"\u003e\u003ccode\u003edc032a1\u003c/code\u003e\u003c/a\u003e fix: h2 CI (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4395\"\u003e#4395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4cd3f4b3a2ef910ba728c47ae78294d956410450\"\u003e\u003ccode\u003e4cd3f4b\u003c/code\u003e\u003c/a\u003e test: increase bitness in \u003ccode\u003etest/fixtures/*.pem\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3659\"\u003e#3659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7df6442194b7a54e9ac734335e6e0a56a9bc6666\"\u003e\u003ccode\u003e7df6442\u003c/code\u003e\u003c/a\u003e fix: adapt websocket frame-limit handling for v6 parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4e0179ae643e6f4380f24cc3683c1b1ca2afb094\"\u003e\u003ccode\u003e4e0179a\u003c/code\u003e\u003c/a\u003e fix: reject duplicate content-length and host headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/5a97f0893b53ba7d1d5549d3df7e55d9c2673f89\"\u003e\u003ccode\u003e5a97f08\u003c/code\u003e\u003c/a\u003e Fix websocket 64-bit length overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e43e898603dd5e0c14a75b08b83257598d664a39\"\u003e\u003ccode\u003ee43e898\u003c/code\u003e\u003c/a\u003e fix: validate upgrade header to prevent CRLF injection\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.22.0...v6.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.0.6 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml fr...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across the monorepo to pick up security fixes and keep build/test tooling current. Notable bumps include `esbuild` 0.28, `vitest` 3.x/4.x, `undici` 6.24 (CLI) and 8.4 (core), `simple-git` 3.36, `@modelcontextprotocol/sdk` 1.26, `diff` 9, and `uuid` 14.\n\n- **Dependencies**\n  - Security: `undici` (WS/HTTP fixes), `fast-uri` (parsing), `ajv` (ReDoS), `tar`, `@modelcontextprotocol/sdk` (transport leak), plus patches to `markdown-it` and `ws`.\n  - Tooling: `esbuild` → 0.28, `vitest` → 3.x/4.x, `postcss` → 8.5.15; `rollup` updated indirectly.\n  - Runtime libs: `simple-git` → 3.36 (safer config handling), `diff` → 9 (ES6 baseline), `uuid` → 14, `fast-uri` in core → 4.x, minor bumps to `shell-quote` and others.\n\n\u003csup\u003eWritten for commit 01778b00fde90665f5e4cfe77197b3c9629d60e3. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/qwen-code/pull/9?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies across workspace packages\n\u003e - Updates `esbuild` to ^0.28.1, `vitest` to ^3.2.6/^4.1.8, `simple-git` to ^3.36.0, `diff` to ^9.0.0, `undici` to ^6.24.0/^8.4.1, `uuid` to ^14.0.0, `@opentelemetry/sdk-node` to ^0.219.0, and several other packages across the monorepo.\n\u003e - Risk: Major version bumps for `uuid` (v9→v14), `undici` (v6→v8 in core), `fast-uri` (v3→v4), and `diff` (v7→v9) may include breaking API changes.\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 01778b0.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/qwen-code/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Fqwen-code/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4656859206","node_id":"PR_kwDOJ7Nq587mIdtQ","number":1162,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 2 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T20:34:01.000Z","updated_at":"2026-06-14T01:07:51.519Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":2,"packages":[{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /modules/web/packages/ui directory: [postcss](https://github.com/postcss/postcss).\nBumps the npm_and_yarn group with 2 updates in the /modules/web/web-app directory: [ajv](https://github.com/ajv-validator/ajv) and [postcss](https://github.com/postcss/postcss).\n\nUpdates `postcss` from 8.5.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/meteroid-oss/meteroid/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/meteroid-oss/meteroid/pull/1162","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/meteroid-oss%2Fmeteroid/issues/1162","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1162/packages"},{"uuid":"4654295461","node_id":"PR_kwDON9fcd87mAx5E","number":24,"state":"closed","title":"build(deps): Bump the npm_and_yarn group across 9 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T00:51:10.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-13T04:08:22.000Z","updated_at":"2026-06-14T00:51:12.000Z","time_to_close":74568,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"rollup","old_version":"4.31.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"vite","old_version":"6.1.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"flatted","old_version":"3.3.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/babel directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/node-modules directory: [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/project-with-lockfile directory: [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/workspaces directory: [glob](https://github.com/isaacs/node-glob).\nBumps the npm_and_yarn group with 2 updates in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/yarn/babel directory: [lodash](https://github.com/lodash/lodash) and [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/yarn/project-with-lockfile directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/yarn2/project-with-lockfile directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 7 updates in the /plugins/reporters/web-app-template directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [rollup](https://github.com/rollup/rollup) | `4.31.0` | `4.59.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.1.6` | `6.4.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.2` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.2.0` |\n\nBumps the npm_and_yarn group with 11 updates in the /website directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [undici](https://github.com/nodejs/undici) | `6.21.1` | `6.26.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.25.9` | `7.29.7` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.1` | `3.1.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.1` | `1.8.4` |\n| [svgo](https://github.com/svg/svgo) | `3.3.2` | `3.3.3` |\n| [webpack](https://github.com/webpack/webpack) | `5.96.1` | `5.107.2` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.2` | `5.2.5` |\n\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.21.3 to 6.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: validate EOF for chunked h1 responses by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5308\"\u003enodejs/undici#5308\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/768beacd331786c6a1ca61dd81938fca041a45b5\"\u003e\u003ccode\u003e768beac\u003c/code\u003e\u003c/a\u003e Bumped v6.26.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5323\"\u003e#5323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7917b254484132f848fb785afbc398b1cfba389f\"\u003e\u003ccode\u003e7917b25\u003c/code\u003e\u003c/a\u003e fix: validate EOF for chunked h1 responses (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5308\"\u003e#5308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/3420499cad88e72e04972b7bb28dd9f2ec2638ac\"\u003e\u003ccode\u003e3420499\u003c/code\u003e\u003c/a\u003e Bumped v6.25.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5029\"\u003e#5029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/d7a1e55fbe9607e8b56a10b4be129ca63d16014b\"\u003e\u003ccode\u003ed7a1e55\u003c/code\u003e\u003c/a\u003e feat: add configurable maxPayloadSize for WebSocket (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a9d1848fa18d351813e9563bb7653acf1e3c60ad\"\u003e\u003ccode\u003ea9d1848\u003c/code\u003e\u003c/a\u003e Do not mark v6.x releases as latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/01265866974369f75f939109969097e45e72b1e1\"\u003e\u003ccode\u003e0126586\u003c/code\u003e\u003c/a\u003e Ignore local agent configuration files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c0cf656ef5e66f7372a7e57d08c6cbdd5b127e82\"\u003e\u003ccode\u003ec0cf656\u003c/code\u003e\u003c/a\u003e Bumped v6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f5a9f0ccbe958e7d0cfd7b63a9a8d195378ac6f6\"\u003e\u003ccode\u003ef5a9f0c\u003c/code\u003e\u003c/a\u003e Fix v6 release workflow branch targeting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/af2cb8fe01320f189394bef193c2d5b441fcfe6f\"\u003e\u003ccode\u003eaf2cb8f\u003c/code\u003e\u003c/a\u003e wqremove maxDecompressedMessageSize (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4891\"\u003e#4891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.21.3...v6.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.21.3 to 6.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: validate EOF for chunked h1 responses by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5308\"\u003enodejs/undici#5308\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/768beacd331786c6a1ca61dd81938fca041a45b5\"\u003e\u003ccode\u003e768beac\u003c/code\u003e\u003c/a\u003e Bumped v6.26.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5323\"\u003e#5323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7917b254484132f848fb785afbc398b1cfba389f\"\u003e\u003ccode\u003e7917b25\u003c/code\u003e\u003c/a\u003e fix: validate EOF for chunked h1 responses (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5308\"\u003e#5308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/3420499cad88e72e04972b7bb28dd9f2ec2638ac\"\u003e\u003ccode\u003e3420499\u003c/code\u003e\u003c/a\u003e Bumped v6.25.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5029\"\u003e#5029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/d7a1e55fbe9607e8b56a10b4be129ca63d16014b\"\u003e\u003ccode\u003ed7a1e55\u003c/code\u003e\u003c/a\u003e feat: add configurable maxPayloadSize for WebSocket (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a9d1848fa18d351813e9563bb7653acf1e3c60ad\"\u003e\u003ccode\u003ea9d1848\u003c/code\u003e\u003c/a\u003e Do not mark v6.x releases as latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/01265866974369f75f939109969097e45e72b1e1\"\u003e\u003ccode\u003e0126586\u003c/code\u003e\u003c/a\u003e Ignore local agent configuration files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c0cf656ef5e66f7372a7e57d08c6cbdd5b127e82\"\u003e\u003ccode\u003ec0cf656\u003c/code\u003e\u003c/a\u003e Bumped v6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f5a9f0ccbe958e7d0cfd7b63a9a8d195378ac6f6\"\u003e\u003ccode\u003ef5a9f0c\u003c/code\u003e\u003c/a\u003e Fix v6 release workflow branch targeting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/af2cb8fe01320f189394bef193c2d5b441fcfe6f\"\u003e\u003ccode\u003eaf2cb8f\u003c/code\u003e\u003c/a\u003e wqremove maxDecompressedMessageSize (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4891\"\u003e#4891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.21.3...v6.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.3.10 to 13.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.3.10...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 10.2.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.31.0 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca hre...\n\n_Description has been truncated_","html_url":"https://github.com/coutureb/ort/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/coutureb%2Fort/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"},{"uuid":"4653852520","node_id":"PR_kwDOQpX1xc7l_XsE","number":200,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 6 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T01:48:30.000Z","updated_at":"2026-06-13T01:48:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"@hono/node-server","old_version":"1.19.11","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"esbuild","old_version":"0.25.12","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"@modelcontextprotocol/sdk","old_version":"1.25.2","new_version":"1.26.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"ip-address","old_version":"10.1.0","new_version":"10.2.0"},{"name":"esbuild","old_version":"0.25.12","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"ws","old_version":"8.18.0","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"ajv","old_version":"6.12.6","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the / directory: [esbuild](https://github.com/evanw/esbuild) and [@hono/node-server](https://github.com/honojs/node-server).\nBumps the npm_and_yarn group with 1 update in the /apps/tormentnexus-extension directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /borg directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /borg/apps/tormentnexus-extension directory: [esbuild](https://github.com/evanw/esbuild) and [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 3 updates in the /borg/research/OpenQode/bin/goose-ultra-final directory: [esbuild](https://github.com/evanw/esbuild), [ajv](https://github.com/ajv-validator/ajv) and [shell-quote](https://github.com/ljharb/shell-quote).\nBumps the npm_and_yarn group with 3 updates in the /research/OpenQode/bin/goose-ultra-final directory: [esbuild](https://github.com/evanw/esbuild), [@tootallnate/once](https://github.com/TooTallNate/once) and [shell-quote](https://github.com/ljharb/shell-quote).\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.19.11 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.12 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.25.2 to 1.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/fe9c07b465871394c7069207c86513df9c1194a4\"\u003e\u003ccode\u003efe9c07b\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.26.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4f01e7e0708e1a85ccc7dbf39e850005f2d9ff03\"\u003e\u003ccode\u003e4f01e7e\u003c/code\u003e\u003c/a\u003e fix: add non-null assertions for optional setupServer fields in stateful test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a05be176cabeae1f933b676e3ce024bf02e2314d\"\u003e\u003ccode\u003ea05be17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/50d9fa3cd12e807e7963bcb9e1548786d3d5d941\"\u003e\u003ccode\u003e50d9fa3\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1442\"\u003e#1442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/aa81a66556fb4434d8a6d1b70f7ac9fc40b5d325\"\u003e\u003ccode\u003eaa81a66\u003c/code\u003e\u003c/a\u003e fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6aba0659654e1ff0699844524595922a61e44cb9\"\u003e\u003ccode\u003e6aba065\u003c/code\u003e\u003c/a\u003e chore: bump v1.25.3 for backport fixes (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1412\"\u003e#1412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6e8f7e1a43a819ae230373c62b82228dafd892c6\"\u003e\u003ccode\u003e6e8f7e1\u003c/code\u003e\u003c/a\u003e fix: prevent Hono from overriding global Response object (v1.x) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1411\"\u003e#1411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/12ae856cee6ca58499cce24e80f650e78a0c7610\"\u003e\u003ccode\u003e12ae856\u003c/code\u003e\u003c/a\u003e [v1.x backport] Use correct schema for client sampling validation when tools ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ip-address` from 10.1.0 to 10.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80fccaae984618f35dc941efab55cf2440ab37e8\"\u003e\u003ccode\u003e80fccaa\u003c/code\u003e\u003c/a\u003e 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/abaeb4d817cab16d3a1a78abd249d1f116bd302e\"\u003e\u003ccode\u003eabaeb4d\u003c/code\u003e\u003c/a\u003e Type Address4.addressMinusSuffix as non-nilable (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/2878c294e1216f9a0b69ad1d3c57a3790a7d5e8e\"\u003e\u003ccode\u003e2878c29\u003c/code\u003e\u003c/a\u003e Preserve subnet prefix through Address6.to4() (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/123\"\u003e#123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/586666ee9e666464071761d7a453715f98b6caee\"\u003e\u003ccode\u003e586666e\u003c/code\u003e\u003c/a\u003e Reject trailing junk in Address6.fromURL (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80bc76eddf63df38db60defd5004bea919adf7ac\"\u003e\u003ccode\u003e80bc76e\u003c/code\u003e\u003c/a\u003e Validate static factories instead of silently overflowing (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/98927be9ef0c09f8ffcaf30b297405c9eff0a520\"\u003e\u003ccode\u003e98927be\u003c/code\u003e\u003c/a\u003e Clarify isValid() accepts CIDRs with host bits set (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a0eb0732d6ac3088daa1106f4933eade41fd364a\"\u003e\u003ccode\u003ea0eb073\u003c/code\u003e\u003c/a\u003e Fix getScope() and broaden getType() classification (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/122\"\u003e#122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/ec52105c87179129b9f091e97581e87b007824c7\"\u003e\u003ccode\u003eec52105\u003c/code\u003e\u003c/a\u003e Add networkForm() for CIDR network-address strings (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/199\"\u003e#199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a9443a72215b21a1e692be75cd3e18e8aa2262cb\"\u003e\u003ccode\u003ea9443a7\u003c/code\u003e\u003c/a\u003e Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/62\"\u003e#62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/f01d74267ed39f84521157e5f199edade9809f1e\"\u003e\u003ccode\u003ef01d742\u003c/code\u003e\u003c/a\u003e Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beaugunderson/ip-address/compare/v10.1.0...v10.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.12 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.0 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.0...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `esbuild`\n\nUpdates `ajv` from 6.12.6 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add support for node 22/24, drop node 16/21 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2580\"\u003eajv-validator/ajv#2580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add ES2022.RegExp for RegExpIndicesArray by \u003ca href=\"https://github.com/SignpostMarv\"\u003e\u003ccode\u003e@​SignpostMarv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2604\"\u003eajv-validator/ajv#2604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix prototype pollution via format keyword using $data ref by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2607\"\u003eajv-validator/ajv#2607\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump version to 8.17.1 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2472\"\u003eajv-validator/ajv#2472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ePlus everything in 8.17.0 which failed to release\u003c/h2\u003e\n\u003cp\u003eThe only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.\u003c/p\u003e\n\u003cp\u003eRevert \u0026quot;Revert fast-uri change (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2444\"\u003eajv-validator/ajv#2444\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2448\"\u003eajv-validator/ajv#2448\u003c/a\u003e\nfix: ignore new eslint error for \u003ccode\u003e@​typescript-eslint/no-extraneous-class\u003c/code\u003e by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2455\"\u003eajv-validator/ajv#2455\u003c/a\u003e\ndocs: clarify behaviour of addVocabulary by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2454\"\u003eajv-validator/ajv#2454\u003c/a\u003e\ndocs: refactor to improve legibility by \u003ca href=\"https://github.com/blottn\"\u003e\u003ccode\u003e@​blottn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://...\n\n_Description has been truncated_","html_url":"https://github.com/robertpelloni/TormentNexus/pull/200","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertpelloni%2FTormentNexus/issues/200","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/200/packages"},{"uuid":"4652820127","node_id":"PR_kwDOQBO5Ec7l8A-p","number":10,"state":"open","title":"Bump the npm_and_yarn group across 12 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T21:47:17.000Z","updated_at":"2026-06-12T21:52:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"ajv","old_version":"8.7.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"webpack","old_version":"5.97.0","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@babel/runtime","old_version":"7.25.7","new_version":"7.26.10","repository_url":"https://github.com/babel/babel"},{"name":"showdown","old_version":"1.9.1","new_version":"2.1.0","repository_url":"https://github.com/showdownjs/showdown"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"@octokit/request-error","old_version":"2.1.0","new_version":"5.1.1","repository_url":"https://github.com/octokit/request-error.js"},{"name":"webpack-dev-server","old_version":"4.15.2","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 9 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.7.1` | `8.18.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.97.0` | `5.104.1` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.7` | `7.26.10` |\n| [showdown](https://github.com/showdownjs/showdown) | `1.9.1` | `2.1.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [@octokit/request-error](https://github.com/octokit/request-error.js) | `2.1.0` | `5.1.1` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.2` | `5.2.4` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/annotations directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/babel-preset-default directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 2 updates in the /packages/blocks directory: [uuid](https://github.com/uuidjs/uuid) and [showdown](https://github.com/showdownjs/showdown).\nBumps the npm_and_yarn group with 1 update in the /packages/components directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/dataviews directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 1 update in the /packages/e2e-tests directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/interface directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 1 update in the /packages/project-management-automation directory: [@octokit/request-error](https://github.com/octokit/request-error.js).\nBumps the npm_and_yarn group with 1 update in the /packages/scripts directory: [webpack-dev-server](https://github.com/webpack/webpack-dev-server).\nBumps the npm_and_yarn group with 1 update in the /packages/upload-media directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 4 updates in the /platform-docs directory: [ajv](https://github.com/ajv-validator/ajv), [webpack-dev-server](https://github.com/webpack/webpack-dev-server), [lodash](https://github.com/lodash/lodash) and [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast).\n\nUpdates `ajv` from 8.7.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump version to 8.17.1 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2472\"\u003eajv-validator/ajv#2472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ePlus everything in 8.17.0 which failed to release\u003c/h2\u003e\n\u003cp\u003eThe only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.\u003c/p\u003e\n\u003cp\u003eRevert \u0026quot;Revert fast-uri change (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2444\"\u003eajv-validator/ajv#2444\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2448\"\u003eajv-validator/ajv#2448\u003c/a\u003e\nfix: ignore new eslint error for \u003ccode\u003e@​typescript-eslint/no-extraneous-class\u003c/code\u003e by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2455\"\u003eajv-validator/ajv#2455\u003c/a\u003e\ndocs: clarify behaviour of addVocabulary by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2454\"\u003eajv-validator/ajv#2454\u003c/a\u003e\ndocs: refactor to improve legibility by \u003ca href=\"https://github.com/blottn\"\u003e\u003ccode\u003e@​blottn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2432\"\u003eajv-validator/ajv#2432\u003c/a\u003e\nFix grammatical typo in managing-schemas.md by \u003ca href=\"https://github.com/wetneb\"\u003e\u003ccode\u003e@​wetneb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2305\"\u003eajv-validator/ajv#2305\u003c/a\u003e\ndocs: Fix broken strict-mode link by \u003ca href=\"https://github.com/alexanderjsx\"\u003e\u003ccode\u003e@​alexanderjsx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2459\"\u003eajv-validator/ajv#2459\u003c/a\u003e\nfeat: add test for encoded refs and bump fast-uri by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2449\"\u003eajv-validator/ajv#2449\u003c/a\u003e\nfix: changes for \u003ccode\u003e@​typescript-eslint/array-type\u003c/code\u003e rule by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2467\"\u003eajv-validator/ajv#2467\u003c/a\u003e\nfixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2217\"\u003eajv-validator/ajv#2217\u003c/a\u003e - clarify custom keyword naming by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2457\"\u003eajv-validator/ajv#2457\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;Revert fast-uri change (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2444\"\u003e#2444\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2448\"\u003eajv-validator/ajv#2448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignore new eslint error for \u003ccode\u003e@​typescript-eslint/no-extraneous-class\u003c/code\u003e by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2455\"\u003eajv-validator/ajv#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify behaviour of addVocabulary by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2454\"\u003eajv-validator/ajv#2454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: refactor to improve legibility by \u003ca href=\"https://github.com/blottn\"\u003e\u003ccode\u003e@​blottn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2432\"\u003eajv-validator/ajv#2432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammatical typo in managing-schemas.md by \u003ca href=\"https://github.com/wetneb\"\u003e\u003ccode\u003e@​wetneb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2305\"\u003eajv-validator/ajv#2305\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Fix broken strict-mode link by \u003ca href=\"https://github.com/alexanderjsx\"\u003e\u003ccode\u003e@​alexanderjsx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2459\"\u003eajv-validator/ajv#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add test for encoded refs and bump fast-uri by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2449\"\u003eajv-validator/ajv#2449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: changes for \u003ccode\u003e@​typescript-eslint/array-type\u003c/code\u003e rule by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2467\"\u003eajv-validator/ajv#2467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2217\"\u003e#2217\u003c/a\u003e - clarify custom keyword naming by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2457\"\u003eajv-validator/ajv#2457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/9050ba1359fb87cd7c143f3c79513ea7624ea443\"\u003e\u003ccode\u003e9050ba1\u003c/code\u003e\u003c/a\u003e bump version to 8.17.1 (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2472\"\u003e#2472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f7831b41c3a27064c6219f51a1e7371ffb582dfe\"\u003e\u003ccode\u003ef7831b4\u003c/code\u003e\u003c/a\u003e fixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2217\"\u003e#2217\u003c/a\u003e - clarify custom keyword naming (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2457\"\u003e#2457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/a523784388a79ce65e42caf4d2731da36a94b386\"\u003e\u003ccode\u003ea523784\u003c/code\u003e\u003c/a\u003e fix: changes for \u003ccode\u003e@​typescript-eslint/array-type\u003c/code\u003e rule (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2467\"\u003e#2467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/595fe58e64e8d5fb8a50fd7a58f9e7f3bcca0bac\"\u003e\u003ccode\u003e595fe58\u003c/code\u003e\u003c/a\u003e feat: add test for encoded refs and bump fast-uri (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2449\"\u003e#2449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.7.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.38 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.38...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.97.0 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.97.0...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.25.7 to 7.26.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.26.10 (2025-03-11)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\"\u003ehttps://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\u003c/a\u003e, a security vulnerability which affects the \u003ccode\u003e.replace\u003c/code\u003e method of transpiled regular expressions that use named capturing groups.\u003c/p\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17159\"\u003e#17159\u003c/a\u003e Disallow decorator in array pattern (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-template\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17164\"\u003e#17164\u003c/a\u003e Fix: always initialize ExportDeclaration attributes (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17142\"\u003e#17142\u003c/a\u003e fix: \u0026quot;Map maximum size exceeded\u0026quot; in deepClone (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-typescript\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17154\"\u003e#17154\u003c/a\u003e Update typescript parser tests (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17151\"\u003e#17151\u003c/a\u003e fix: Should not evaluate vars in child scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17153\"\u003e#17153\u003c/a\u003e fix: Correctly generate \u003ccode\u003eabstract override\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17107\"\u003e#17107\u003c/a\u003e Fix source type detection when parsing TypeScript (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-runtime\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs2\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17173\"\u003e#17173\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/%5Bmmmsssttt404%5D(https://github.com/mmmsssttt404)\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17158\"\u003e#17158\u003c/a\u003e Avoid warnings when re-bundling \u003ccode\u003e@​babel/standalone\u003c/code\u003e with webpack (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17160\"\u003e#17160\u003c/a\u003e Left-value parsing cleanup (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYunyoung Jordan Choi (\u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.26.9 (2025-02-14)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17103\"\u003e#17103\u003c/a\u003e fix: Definition for \u003ccode\u003eTSPropertySignature.kind\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17062\"\u003e#17062\u003c/a\u003e Print TypeScript optional/definite in ClassPrivateProperty (\u003ca href=\"https://github.com/jamiebuilds-signal\"\u003e\u003ccode\u003e@​jamiebuilds-signal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/e1ce99df422971175249509e7bbc2b327b8f7957\"\u003e\u003ccode\u003ee1ce99d\u003c/code\u003e\u003c/a\u003e v7.26.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d5952e80c0faa5ec20e35085531b6e572d31dad4\"\u003e\u003ccode\u003ed5952e8\u003c/code\u003e\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17173\"\u003e#17173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/64bca7b5f308cd52c192a5c821a57f6d1b0475f4\"\u003e\u003ccode\u003e64bca7b\u003c/code\u003e\u003c/a\u003e v7.26.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2d9514066e3b135835ed93246ebbcdb7ca0263ca\"\u003e\u003ccode\u003e2d95140\u003c/code\u003e\u003c/a\u003e v7.26.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/63d30381c169780460e01bdb6669c5e01af1dfbe\"\u003e\u003ccode\u003e63d3038\u003c/code\u003e\u003c/a\u003e v7.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/b07957ebb316a1e2fc67454fc7423508bb942e63\"\u003e\u003ccode\u003eb07957e\u003c/code\u003e\u003c/a\u003e v7.25.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/af917594e4df3decdde2ce0b1614d607b27367a5\"\u003e\u003ccode\u003eaf91759\u003c/code\u003e\u003c/a\u003e fix: Accidentally publishing useless files (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16917\"\u003e#16917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `showdown` from 1.9.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/showdownjs/showdown/releases\"\u003eshowdown's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/2.0.0...2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-04-21)\u003c/h2\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ethe CLI no longer accepts \u0026quot;extra options\u0026quot;. Instead you should pass the \u003ccode\u003e-c\u003c/code\u003e flag. To update:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ebefore:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html --strikethrough --emoji\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eafter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html -c strikethrough -c emoji\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e2.0.4 (2022-04-21)\u003c/h2\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/2.0.3...2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etest(cli): Add test for multiple config options (\u003ca href=\"https://github.com/showdownjs/showdown/commit/914129f\"\u003e914129f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/916\"\u003e#916\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e cli displays the correct version number (\u003ca href=\"https://github.com/showdownjs/showdown/commit/8b48882\"\u003e8b48882\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.3 (2022-03-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix cli to work with yargs (\u003ca href=\"https://github.com/showdownjs/showdown/commit/f8c4bd2\"\u003ef8c4bd2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/893\"\u003e#893\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.0 (2022-02-15)\u003c/h2\u003e\n\u003cp\u003e2.0.0 is mostly a maintenance release. There are only a few changes beyond 1.9.1 as noted below. The major driver of this update is to update the yargs dependency to a more recent version without security issues.\u003c/p\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupported Node Versions were set to match the \u003ca href=\"https://nodejs.org/en/about/releases/\"\u003enode release schedule\u003c/a\u003e which at the time of writing includes Node 12.x, 14.x, 16.x and 17.x\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eyargs\u003c/code\u003e dependency was updated to \u003ccode\u003e^17.2.1\u003c/code\u003e to mitigate a security issue.\u003c/li\u003e\n\u003cli\u003eThe Showdown license has been changed from BSD-3-Clause to MIT\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow escaping of colons (\u003ca href=\"https://github.com/showdownjs/showdown/commit/25c4420\"\u003e25c4420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereduce npm package size  (\u003ca href=\"https://github.com/showdownjs/showdown/commit/35730b7\"\u003e35730b7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/619\"\u003e#619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eellipsis\u003c/code\u003e option to configure if the ellipsis unicode character is used or not. ( Thanks \u003ca href=\"https://github.com/VladimirV99\"\u003e\u003ccode\u003e@​VladimirV99\u003c/code\u003e\u003c/a\u003e )\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/showdownjs/showdown/blob/master/CHANGELOG.md\"\u003eshowdown's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/2.0.0...2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(cli)!: Remove support for \u0026quot;extra options\u0026quot; and add -c flag, closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/916\"\u003e#916\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e cli displays the correct version number (\u003ca href=\"https://github.com/showdownjs/showdown/commit/8b48882\"\u003e8b48882\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ethe CLI no longer accepts \u0026quot;extra options\u0026quot;. Instead you should pass the \u003ccode\u003e-c\u003c/code\u003e flag. To update:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ebefore:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html --strikethrough --emoji\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eafter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html -c strikethrough -c emoji\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/1.9.1...2.0.0\"\u003e2.0.0\u003c/a\u003e (2022-02-15)\u003c/h1\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupported Node Versions were set to match the \u003ca href=\"https://nodejs.org/en/about/releases/\"\u003enode release schedule\u003c/a\u003e which at the time of writing includes Node 12.x, 14.x, 16.x and 17.x\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eyargs\u003c/code\u003e dependecy was updated to \u003ccode\u003e^17.2.1\u003c/code\u003e to mitigate a security issue.\u003c/li\u003e\n\u003cli\u003eThe Showdown Licesnse has been changed from  BSD-3-Clause to MIT\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow escaping of colons (\u003ca href=\"https://github.com/showdownjs/showdown/commit/25c4420\"\u003e25c4420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereduce npm package size  (\u003ca href=\"https://github.com/showdownjs/showdown/commit/35730b7\"\u003e35730b7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/619\"\u003e#619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eellipsis\u003c/code\u003e option to configure if the ellipsis unicode character is used or not. ( Thanks \u003ca href=\"https://github.com/VladimirV99\"\u003e\u003ccode\u003e@​VladimirV99\u003c/code\u003e\u003c/a\u003e )\u003c/li\u003e\n\u003cli\u003eAdded a default security policy. Please report security issues to the issues tab on GitHub.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/9958ba5cfaf01c93ea9e1a48650fb3074eff98ce\"\u003e\u003ccode\u003e9958ba5\u003c/code\u003e\u003c/a\u003e build: release 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/2be8e2ff0c16e4854120dff0f9270ccc2145e659\"\u003e\u003ccode\u003e2be8e2f\u003c/code\u003e\u003c/a\u003e build: release 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/914129f5dc40ed51632fd140c0dab6b8773bc419\"\u003e\u003ccode\u003e914129f\u003c/code\u003e\u003c/a\u003e test(cli)!: Add test for multiple config options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/8b488825ac95dd187ef1f32cb8eca886bfefa5a7\"\u003e\u003ccode\u003e8b48882\u003c/code\u003e\u003c/a\u003e fix(cli): cli displays the corrent version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/d5c1b38bc45ed82303369658f59cf3d07d3e49af\"\u003e\u003ccode\u003ed5c1b38\u003c/code\u003e\u003c/a\u003e update funding in package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/50a1d0b5e8499432c011c64b6ce568f0b426952f\"\u003e\u003ccode\u003e50a1d0b\u003c/code\u003e\u003c/a\u003e release: v 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/f8c4bd26fca4dbf300043a858116197c928bb136\"\u003e\u003ccode\u003ef8c4bd2\u003c/code\u003e\u003c/a\u003e fix(cli): fix cli to work with yargs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/b3dd26a3a536348bcb65e71edc8df3ddf0a603a0\"\u003e\u003ccode\u003eb3dd26a\u003c/code\u003e\u003c/a\u003e chore: release 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/3871765ac1a35b633b8fa9a431cb73fa06041b6f\"\u003e\u003ccode\u003e3871765\u003c/code\u003e\u003c/a\u003e fix(cli): cli now works properly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/612dad0682f7d27d2e19b9857588e8f244f4aebe\"\u003e\u003ccode\u003e612dad0\u003c/code\u003e\u003c/a\u003e chore: build v 2.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/showdownjs/showdown/compare/1.9.1...2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.1...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2024-04-05)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13 (\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e3af20bd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e94147e8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.0...v5.0.1\"\u003e5.0.1\u003c/a\u003e (2023-09-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v12 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/366\"\u003e#366\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/590fc396a48bb72b4e63f3687f1bdd27fc785a24\"\u003e590fc39\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v4.0.2...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2023-07-07)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v11 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/348\"\u003e#348\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/372097e9b16f70d4ad75089003dc9154e304faa7\"\u003e372097e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v11\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v4.0.1...v4.0.2\"\u003e4.0.2\u003c/a\u003e (2023-06-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v10 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/343\"\u003e#343\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/28b1958bb96bccd50d44b69a6769e08069dd3922\"\u003e28b1958\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e\u003ccode\u003e3af20bd\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e\u003ccode\u003e94147e8\u003c/code\u003e\u003c/a\u003e feat(security): Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/590fc396a48bb72b4e63f3687f1bdd27fc785a24\"\u003e\u003ccode\u003e590fc39\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v12 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/4b9c57ea75054f66b093fc547e94f467b824c99e\"\u003e\u003ccode\u003e4b9c57e\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 46da6c0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/710afc3553d82b0a0dc3c5d6bd5cf4c756131078\"\u003e\u003ccode\u003e710afc3\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 1f6c514\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/c82c8ce59ef0d28f7e709c886a876316856cbf22\"\u003e\u003ccode\u003ec82c8ce\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 223779b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ec24ead3f170bd248cc5b4ac48e5b2307daba68e\"\u003e\u003ccode\u003eec24ead\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 46846e5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/365f18db79910407c978767e4ea93c1030ccbac4\"\u003e\u003ccode\u003e365f18d\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack-dev-server` from 4.15.2 to 5.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/releases\"\u003ewebpack-dev-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/...\n\n_Description has been truncated_","html_url":"https://github.com/goodgollyholly/gutenberg/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodgollyholly%2Fgutenberg/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4652773713","node_id":"PR_kwDORhrBm87l73qJ","number":79,"state":"open","title":"deps: Bump the npm-minor-patch group across 1 directory with 37 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T21:37:22.000Z","updated_at":"2026-06-12T21:37:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"npm-minor-patch","update_count":37,"packages":[{"name":"express-rate-limit","old_version":"8.3.2","new_version":"8.5.2","repository_url":"https://github.com/express-rate-limit/express-rate-limit"},{"name":"@vitest/coverage-v8","old_version":"4.1.4","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"eslint","old_version":"10.2.1","new_version":"10.5.0","repository_url":"https://github.com/eslint/eslint"},{"name":"eslint-plugin-security","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/eslint-community/eslint-plugin-security"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"},{"name":"typescript-eslint","old_version":"8.58.2","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"ioredis","old_version":"5.10.1","new_version":"5.11.1","repository_url":"https://github.com/luin/ioredis"},{"name":"jose","old_version":"6.2.2","new_version":"6.2.3","repository_url":"https://github.com/panva/jose"},{"name":"helmet","old_version":"8.1.0","new_version":"8.2.0","repository_url":"https://github.com/helmetjs/helmet"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"@aws-sdk/client-s3","old_version":"3.1032.0","new_version":"3.1068.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1032.0","new_version":"3.1068.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@codemirror/view","old_version":"6.41.1","new_version":"6.43.1","repository_url":"https://github.com/codemirror/view"},{"name":"@tiptap/extension-code-block-lowlight","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-image","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-link","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-placeholder","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-task-item","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-task-list","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/react","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/starter-kit","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"lucide-react","old_version":"1.8.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next","old_version":"16.2.6","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"react","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"tailwind-merge","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"@tailwindcss/postcss","old_version":"4.2.2","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@qdrant/js-client-rest","old_version":"1.17.0","new_version":"1.18.0","repository_url":"https://github.com/qdrant/qdrant-js"},{"name":"bullmq","old_version":"5.74.1","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"nodemailer","old_version":"8.0.5","new_version":"8.0.11","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"@types/nodemailer","old_version":"7.0.11","new_version":"8.0.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"ajv","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-minor-patch group with 34 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.3.2` | `8.5.2` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.4` | `4.1.8` |\n| [eslint](https://github.com/eslint/eslint) | `10.2.1` | `10.5.0` |\n| [eslint-plugin-security](https://github.com/eslint-community/eslint-plugin-security) | `4.0.0` | `4.0.1` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.58.2` | `8.61.0` |\n| [ioredis](https://github.com/luin/ioredis) | `5.10.1` | `5.11.1` |\n| [jose](https://github.com/panva/jose) | `6.2.2` | `6.2.3` |\n| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1032.0` | `3.1068.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1032.0` | `3.1068.0` |\n| [@codemirror/view](https://github.com/codemirror/view) | `6.41.1` | `6.43.1` |\n| [@tiptap/extension-code-block-lowlight](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-code-block-lowlight) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-image](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-image) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-link](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-link) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-placeholder](https://github.com/ueberdosis/tiptap/tree/HEAD/packages-deprecated/extension-placeholder) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-task-item](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-task-item) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-task-list](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-task-list) | `3.22.4` | `3.26.1` |\n| [@tiptap/react](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/react) | `3.22.4` | `3.26.1` |\n| [@tiptap/starter-kit](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/starter-kit) | `3.22.4` | `3.26.1` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.0` | `3.4.10` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.18.0` |\n| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.9` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.7` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` |\n| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.2` | `4.3.1` |\n| [@qdrant/js-client-rest](https://github.com/qdrant/qdrant-js/tree/HEAD/packages/js-client-rest) | `1.17.0` | `1.18.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.74.1` | `5.78.0` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.5` | `8.0.11` |\n| [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) | `7.0.11` | `8.0.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.18.0` | `8.20.0` |\n\n\nUpdates `express-rate-limit` from 8.3.2 to 8.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/releases\"\u003eexpress-rate-limit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.5.2\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.5.1\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.5.0\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.4.0\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/97746932253e6c734569140e71357b2633eb1912\"\u003e\u003ccode\u003e9774693\u003c/code\u003e\u003c/a\u003e 8.5.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/0e94cc0176ca0e4960bd6992f1d105766fb9532c\"\u003e\u003ccode\u003e0e94cc0\u003c/code\u003e\u003c/a\u003e v8.5.2 changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/9a583c566aa5aaeb8b94312e9e9dbf711f89e7b3\"\u003e\u003ccode\u003e9a583c5\u003c/code\u003e\u003c/a\u003e feat: simplify IPv6 key generation (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/633\"\u003e#633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/4f4b3fb78f96ac841a26122be1d82123271d7654\"\u003e\u003ccode\u003e4f4b3fb\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/632\"\u003e#632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/3c1d6c57bddc0d7c9923611fd1ac1e17399a4865\"\u003e\u003ccode\u003e3c1d6c5\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development-dependencies group with 7 updates (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/631\"\u003e#631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/18884b671441b14dd0e9328a5ebedf51278a16c1\"\u003e\u003ccode\u003e18884b6\u003c/code\u003e\u003c/a\u003e chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/630\"\u003e#630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/dacc9800e640b14c61cd8791ef59d75d0ac037a7\"\u003e\u003ccode\u003edacc980\u003c/code\u003e\u003c/a\u003e chore(deps): bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/629\"\u003e#629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/486d0c608a95f344863302bb213fb09ea9ddf5de\"\u003e\u003ccode\u003e486d0c6\u003c/code\u003e\u003c/a\u003e chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/627\"\u003e#627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/50cc3f6345f603ac2fe4eb646edd7338b9a31fbb\"\u003e\u003ccode\u003e50cc3f6\u003c/code\u003e\u003c/a\u003e 8.5.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/92c8e3efd87b9b9f89092b1f9c8c17ac134c1293\"\u003e\u003ccode\u003e92c8e3e\u003c/code\u003e\u003c/a\u003e chore: bump ip-address library to latest (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/626\"\u003e#626\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/compare/v8.3.2...v8.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitest/coverage-v8` from 4.1.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003e@​vitest/coverage-v8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.2.1 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.5.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101\"\u003e\u003ccode\u003ebdb496c\u003c/code\u003e\u003c/a\u003e feat: correct max-depth handling for else-if chains (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20944\"\u003e#20944\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953\"\u003e\u003ccode\u003ec296873\u003c/code\u003e\u003c/a\u003e feat: update error loc in \u003ccode\u003emax-statements\u003c/code\u003e to function header (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20907\"\u003e#20907\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4\"\u003e\u003ccode\u003ef99b47a\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc\"\u003e\u003ccode\u003eacf03d4\u003c/code\u003e\u003c/a\u003e docs: clarify precedence of parserOptions over languageOptions (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20926\"\u003e#20926\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d\"\u003e\u003ccode\u003ec2d1444\u003c/code\u003e\u003c/a\u003e refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20951\"\u003e#20951\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9\"\u003e\u003ccode\u003e243b8c5\u003c/code\u003e\u003c/a\u003e chore: enhance config-rule to support oneOf, anyOf, and nested schemas (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20788\"\u003e#20788\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b\"\u003e\u003ccode\u003e217b2a9\u003c/code\u003e\u003c/a\u003e test: add unit tests for ParserService (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20949\"\u003e#20949\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9\"\u003e\u003ccode\u003e72003e7\u003c/code\u003e\u003c/a\u003e test: add location information to error messages in \u003ccode\u003emax-statements\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20945\"\u003e#20945\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1\"\u003e\u003ccode\u003e7797c26\u003c/code\u003e\u003c/a\u003e refactor: deduplicate isAnySegmentReachable across rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20890\"\u003e#20890\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257\"\u003e\u003ccode\u003e67c46fa\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20938\"\u003e#20938\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29\"\u003e\u003ccode\u003e95d8c7a\u003c/code\u003e\u003c/a\u003e chore: update dependency \u003ccode\u003e@​eslint/json\u003c/code\u003e to v2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20934\"\u003e#20934\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c\"\u003e\u003ccode\u003ecf9e496\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e to 0.18.3 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20933\"\u003e#20933\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c\"\u003e\u003ccode\u003efb6d396\u003c/code\u003e\u003c/a\u003e test: run type tests with TypeScript 7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20868\"\u003e#20868\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145\"\u003e\u003ccode\u003ede3b672\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040\"\u003e\u003ccode\u003e362a518\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.2.1...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-security` from 4.0.0 to 4.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/releases\"\u003eeslint-plugin-security's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eeslint-plugin-security: v4.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/compare/eslint-plugin-security-v4.0.0...eslint-plugin-security-v4.0.1\"\u003e4.0.1\u003c/a\u003e (2026-06-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etreat import.meta.dirname and import.meta.filename as static (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/200\"\u003e#200\u003c/a\u003e) (\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/74c97bb3326a6b4fe4718b2638bb3b0492cb90fd\"\u003e74c97bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/blob/main/CHANGELOG.md\"\u003eeslint-plugin-security's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/compare/eslint-plugin-security-v4.0.0...eslint-plugin-security-v4.0.1\"\u003e4.0.1\u003c/a\u003e (2026-06-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etreat import.meta.dirname and import.meta.filename as static (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/200\"\u003e#200\u003c/a\u003e) (\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/74c97bb3326a6b4fe4718b2638bb3b0492cb90fd\"\u003e74c97bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/cb8645c3150a52eb400ba08d83fb53528797b652\"\u003e\u003ccode\u003ecb8645c\u003c/code\u003e\u003c/a\u003e chore: release 4.0.1 🚀 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/204\"\u003e#204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/74c97bb3326a6b4fe4718b2638bb3b0492cb90fd\"\u003e\u003ccode\u003e74c97bb\u003c/code\u003e\u003c/a\u003e fix: treat import.meta.dirname and import.meta.filename as static (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/0b45f8277b8018377c3716358faafaa70b474c2c\"\u003e\u003ccode\u003e0b45f82\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump shell-quote from 1.7.4 to 1.8.4 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/954149ae507c95a1f6d61c43bfd4601143083138\"\u003e\u003ccode\u003e954149a\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump handlebars from 4.7.7 to 4.7.9 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/d5012b6b10419c9a3280d094ce10aa944a2b7812\"\u003e\u003ccode\u003ed5012b6\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/b53d8b45ebe16c9ce778c25a8cf68a71749e0a78\"\u003e\u003ccode\u003eb53d8b4\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump flatted from 3.3.1 to 3.4.2 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/7876750bfa33eb29285adb7b0af7e5c70838568e\"\u003e\u003ccode\u003e7876750\u003c/code\u003e\u003c/a\u003e chore(deps): bump minimatch (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/194\"\u003e#194\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/compare/eslint-plugin-security-v4.0.0...eslint-plugin-security-v4.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prettier` from 3.8.3 to 3.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/releases\"\u003eprettier's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003eprettier/prettier#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🔗 \u003ca href=\"https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/blob/main/CHANGELOG.md\"\u003eprettier's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.8.4\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ediff\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003e#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/h4\u003e\n\u003cp\u003ePrettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre lang=\"markdown\"\u003e\u003ccode\u003e\u0026lt;!-- Input --\u0026gt;\n- a\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eb\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.3 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ea\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ec\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.4 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ea\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468\"\u003e\u003ccode\u003e1c6ba55\u003c/code\u003e\u003c/a\u003e Release 3.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8\"\u003e\u003ccode\u003e4a673dc\u003c/code\u003e\u003c/a\u003e Fix blank lines between list items and nested sub-lists being removed in Mark...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866\"\u003e\u003ccode\u003e074aaed\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003emain\u003c/code\u003e branch in changelog link with tags (\u003ca href=\"https://redirect.github.com/prettier/prettier/issues/19054\"\u003e#19054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9\"\u003e\u003ccode\u003ec22a003\u003c/code\u003e\u003c/a\u003e Bump Prettier dependency to 3.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0\"\u003e\u003ccode\u003e07bad1f\u003c/code\u003e\u003c/a\u003e Clean changelog_unreleased\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.58.2 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.1\u003c/h2\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e respect ECMAScript line terminators in ts-comment rules (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352\"\u003e#12352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-shadow] correct rule to match ESLint v10 handling (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182\"\u003e#12182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003cli\u003eNevette Bailey \u003ca href=\"https://github.com/nevette-bailey\"\u003e\u003ccode\u003e@​nevette-bailey\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.0\u003c/h2\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-tester:\u003c/strong\u003e added updates of RuleTester from upstream (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12291\"\u003e#12291\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplayground TS version selector is not working (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12326\"\u003e#12326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12325\"\u003e#12325\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.3 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.3\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.2 (2026-05-04)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68\"\u003e\u003ccode\u003e4f84a69\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964\"\u003e\u003ccode\u003e1849b53\u003c/code\u003e\u003c/a\u003e chore: typecheck using tsgo (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139\"\u003e#12139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/f891c29de5f3e23f3d8c59cc599d3196e54e9b58\"\u003e\u003ccode\u003ef891c29\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ca6ca1431b6d18235297a7e29feb5d98f012dff2\"\u003e\u003ccode\u003eca6ca14\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4b927c607755b2648d5854b9e928c1dbb2b8e088\"\u003e\u003ccode\u003e4b927c6\u003c/code\u003e\u003c/a\u003e fix(typescript-eslint): export Compatible* types from typescript-eslint to re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/48e13c0261e3cb1bf4f4dfaa462cdb3a56ef7383\"\u003e\u003ccode\u003e48e13c0\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/44f9625336841a8ee3eb01a9e02e49b1d7b12648\"\u003e\u003ccode\u003e44f9625\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4.1.5 (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12307\"\u003e#12307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333\"\u003e\u003ccode\u003e2ec35f1\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d\"\u003e\u003ccode\u003e5245793\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.1.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ioredis` from 5.10.1 to 5.11.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/luin/ioredis/releases\"\u003eioredis's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.11.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.11.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/redis/ioredis/blob/main/CHANGELOG.md\"\u003eioredis's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/fb224a7609b6d25959e06e31fdab2460d1f75691\"\u003e\u003ccode\u003efb224a7\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e\u003ccode\u003e131ee24\u003c/code\u003e\u003c/a\u003e fix: parse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003e\u003ccode\u003ec84b2ee\u003c/code\u003e\u003c/a\u003e fix(cluster): reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/14904327fc212d1f592172d776ebe45178fb7ee7\"\u003e\u003ccode\u003e1490432\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/5359d4d090c17f2ca1e86d92b139cd935ba4643d\"\u003e\u003ccode\u003e5359d4d\u003c/code\u003e\u003c/a\u003e refactor(utils): inline defaults and isArguments helpers (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2107\"\u003e#2107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/b...\n\n_Description has been truncated_","html_url":"https://github.com/xaverric/atlas-lab/pull/79","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xaverric%2Fatlas-lab/issues/79","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/79/packages"},{"uuid":"4645178374","node_id":"PR_kwDOQlGdBs7ljOgl","number":118,"state":"closed","title":"chore(deps): bump the dependencies group in /panel with 215 updates","user":"dependabot[bot]","labels":["dependencies","area: panel","javascript"],"assignees":[],"locked":true,"comments_count":2,"pull_request":true,"closed_at":"2026-06-15T00:41:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-12T00:20:25.000Z","updated_at":"2026-06-15T00:41:43.000Z","time_to_close":260468,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"dependencies","update_count":215,"packages":[{"name":"@hookform/resolvers","old_version":"5.2.2","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@radix-ui/react-alert-dialog","old_version":"1.1.15","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-avatar","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-checkbox","old_version":"1.3.3","new_version":"1.3.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-collapsible","old_version":"1.1.12","new_version":"1.1.13","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dialog","old_version":"1.1.15","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dropdown-menu","old_version":"2.1.16","new_version":"2.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-label","old_version":"2.1.8","new_version":"2.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-popover","old_version":"1.1.15","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-progress","old_version":"1.1.8","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-scroll-area","old_version":"1.2.10","new_version":"1.2.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-select","old_version":"2.2.6","new_version":"2.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-separator","old_version":"1.1.8","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-slot","old_version":"1.2.4","new_version":"1.2.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-switch","old_version":"1.2.6","new_version":"1.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tabs","old_version":"1.1.13","new_version":"1.1.14","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tooltip","old_version":"1.2.8","new_version":"1.2.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@tailwindcss/typography","old_version":"0.5.19","new_version":"0.5.20","repository_url":"https://github.com/tailwindlabs/tailwindcss-typography"},{"name":"@tanstack/react-query","old_version":"5.90.16","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"axios","old_version":"1.13.2","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"lucide-react","old_version":"0.562.0","new_version":"1.17.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"react","old_version":"19.2.3","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.8","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"19.2.3","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-hook-form","old_version":"7.71.0","new_version":"7.78.0","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"tailwind-merge","old_version":"3.4.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"zod","old_version":"4.3.5","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"},{"name":"zustand","old_version":"5.0.10","new_version":"5.0.14","repository_url":"https://github.com/pmndrs/zustand"},{"name":"@tailwindcss/postcss","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tanstack/react-query-devtools","old_version":"5.91.2","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@types/node","old_version":"25.0.8","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint","old_version":"9.39.2","new_version":"10.4.1","repository_url":"https://github.com/eslint/eslint"},{"name":"eslint-config-next","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"tailwindcss","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"typescript","old_version":"5.9.3","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"@babel/code-frame","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/compat-data","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/core","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/generator","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-compilation-targets","old_version":"7.27.2","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-globals","old_version":"7.28.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-module-imports","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-module-transforms","old_version":"7.28.3","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-string-parser","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-validator-identifier","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-validator-option","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helpers","old_version":"7.28.4","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/parser","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/template","old_version":"7.27.2","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/types","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@emnapi/core","old_version":"1.7.1","new_version":"1.10.0","repository_url":"https://github.com/toyobayashi/emnapi"},{"name":"@emnapi/runtime","old_version":"1.7.1","new_version":"1.10.0","repository_url":"https://github.com/toyobayashi/emnapi"},{"name":"@emnapi/wasi-threads","old_version":"1.1.0","new_version":"1.2.1","repository_url":"https://github.com/toyobayashi/emnapi"},{"name":"@eslint-community/eslint-utils","old_version":"4.9.0","new_version":"4.9.1","repository_url":"https://github.com/eslint-community/eslint-utils"},{"name":"@eslint/config-array","old_version":"0.21.1","new_version":"0.23.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/config-helpers","old_version":"0.4.2","new_version":"0.6.0","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/core","old_version":"0.17.0","new_version":"1.2.1","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/object-schema","old_version":"2.1.7","new_version":"3.0.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/plugin-kit","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/eslint/rewrite"},{"name":"@floating-ui/core","old_version":"1.7.3","new_version":"1.7.5","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@floating-ui/dom","old_version":"1.7.4","new_version":"1.7.6","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@floating-ui/react-dom","old_version":"2.1.6","new_version":"2.1.8","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@floating-ui/utils","old_version":"0.2.10","new_version":"0.2.11","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@humanfs/core","old_version":"0.19.1","new_version":"0.19.2","repository_url":"https://github.com/humanwhocodes/humanfs"},{"name":"@humanfs/node","old_version":"0.16.7","new_version":"0.16.8","repository_url":"https://github.com/humanwhocodes/humanfs"},{"name":"@img/colour","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/lovell/colour"},{"name":"@napi-rs/wasm-runtime","old_version":"0.2.12","new_version":"1.1.5","repository_url":"https://github.com/napi-rs/napi-rs"},{"name":"@next/env","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/eslint-plugin-next","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-darwin-arm64","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-darwin-x64","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-arm64-gnu","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-arm64-musl","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-x64-gnu","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-x64-musl","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-win32-arm64-msvc","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-win32-x64-msvc","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@radix-ui/number","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/primitive","old_version":"1.1.3","new_version":"1.1.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-arrow","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-collection","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-compose-refs","old_version":"1.1.2","new_version":"1.1.3","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-context","old_version":"1.1.2","new_version":"1.1.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-direction","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dismissable-layer","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-focus-guards","old_version":"1.1.3","new_version":"1.1.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-focus-scope","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-id","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-menu","old_version":"2.1.16","new_version":"2.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-popper","old_version":"1.2.8","new_version":"1.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-portal","old_version":"1.1.9","new_version":"1.1.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-presence","old_version":"1.1.5","new_version":"1.1.6","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-primitive","old_version":"2.1.3","new_version":"2.1.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-roving-focus","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-callback-ref","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-controllable-state","old_version":"1.2.2","new_version":"1.2.3","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-effect-event","old_version":"0.0.2","new_version":"0.0.3","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-escape-keydown","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-is-hydrated","old_version":"0.1.0","new_version":"0.1.1","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-layout-effect","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-previous","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-rect","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-size","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-visually-hidden","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/rect","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@tailwindcss/node","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-android-arm64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-darwin-arm64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-darwin-x64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-freebsd-x64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-arm-gnueabihf","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-arm64-gnu","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-arm64-musl","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-x64-gnu","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-x64-musl","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-wasm32-wasi","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-win32-arm64-msvc","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-win32-x64-msvc","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tanstack/query-core","old_version":"5.90.16","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@tanstack/query-devtools","old_version":"5.92.0","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@tybys/wasm-util","old_version":"0.10.1","new_version":"0.10.2","repository_url":"https://github.com/toyobayashi/wasm-util"},{"name":"@types/estree","old_version":"1.0.8","new_version":"1.0.9","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/project-service","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/scope-manager","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/tsconfig-utils","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/type-utils","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/types","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/typescript-estree","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/utils","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/visitor-keys","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@unrs/resolver-binding-android-arm-eabi","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-android-arm64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-darwin-arm64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-darwin-x64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-freebsd-x64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm-gnueabihf","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm-musleabihf","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm64-musl","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-ppc64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-riscv64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-riscv64-musl","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-s390x-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-x64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-x64-musl","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-wasm32-wasi","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-win32-arm64-msvc","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-win32-ia32-msvc","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-win32-x64-msvc","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"acorn","old_version":"8.15.0","new_version":"8.17.0","repository_url":"https://github.com/acornjs/acorn"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axe-core","old_version":"4.11.0","new_version":"4.12.1","repository_url":"https://github.com/dequelabs/axe-core"},{"name":"baseline-browser-mapping","old_version":"2.9.7","new_version":"2.10.36","repository_url":"https://github.com/web-platform-dx/baseline-browser-mapping"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"browserslist","old_version":"4.28.1","new_version":"4.28.2","repository_url":"https://github.com/browserslist/browserslist"},{"name":"call-bind","old_version":"1.0.8","new_version":"1.0.9","repository_url":"https://github.com/ljharb/call-bind"},{"name":"caniuse-lite","old_version":"1.0.30001760","new_version":"1.0.30001799","repository_url":"https://github.com/browserslist/caniuse-lite"},{"name":"electron-to-chromium","old_version":"1.5.267","new_version":"1.5.371","repository_url":"https://github.com/Kilian/electron-to-chromium"},{"name":"enhanced-resolve","old_version":"5.18.4","new_version":"5.24.0","repository_url":"https://github.com/webpack/enhanced-resolve"},{"name":"es-abstract","old_version":"1.24.1","new_version":"1.24.2","repository_url":"https://github.com/ljharb/es-abstract"},{"name":"es-iterator-helpers","old_version":"1.2.2","new_version":"1.3.3","repository_url":"https://github.com/es-shims/iterator-helpers"},{"name":"es-object-atoms","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/ljharb/es-object-atoms"},{"name":"eslint-import-resolver-node","old_version":"0.3.9","new_version":"0.3.10","repository_url":"https://github.com/import-js/eslint-plugin-import"},{"name":"eslint-module-utils","old_version":"2.12.1","new_version":"2.13.0","repository_url":"https://github.com/import-js/eslint-plugin-import"},{"name":"eslint-plugin-react-hooks","old_version":"7.0.1","new_version":"7.1.1","repository_url":"https://github.com/facebook/react"},{"name":"eslint-scope","old_version":"8.4.0","new_version":"9.1.2","repository_url":"https://github.com/eslint/js"},{"name":"espree","old_version":"10.4.0","new_version":"11.2.0","repository_url":"https://github.com/eslint/js"},{"name":"esquery","old_version":"1.6.0","new_version":"1.7.0","repository_url":"https://github.com/estools/esquery"},{"name":"fastq","old_version":"1.19.1","new_version":"1.20.1","repository_url":"https://github.com/mcollina/fastq"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"function.prototype.name","old_version":"1.1.8","new_version":"1.2.0","repository_url":"https://github.com/es-shims/Function.prototype.name"},{"name":"get-tsconfig","old_version":"4.13.0","new_version":"4.14.0","repository_url":"https://github.com/privatenumber/get-tsconfig"},{"name":"globals","old_version":"14.0.0","new_version":"16.4.0","repository_url":"https://github.com/sindresorhus/globals"},{"name":"hasown","old_version":"2.0.2","new_version":"2.0.4","repository_url":"https://github.com/inspect-js/hasOwn"},{"name":"is-core-module","old_version":"2.16.1","new_version":"2.16.2","repository_url":"https://github.com/inspect-js/is-core-module"},{"name":"jiti","old_version":"2.6.1","new_version":"2.7.0","repository_url":"https://github.com/unjs/jiti"},{"name":"lightningcss-android-arm64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-darwin-arm64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-darwin-x64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-freebsd-x64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-arm-gnueabihf","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-arm64-gnu","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-arm64-musl","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-x64-gnu","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-x64-musl","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-win32-arm64-msvc","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-win32-x64-msvc","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"nanoid","old_version":"3.3.11","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-releases","old_version":"2.0.27","new_version":"2.0.47","repository_url":"https://github.com/chicoxyzzy/node-releases"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"proxy-from-env","old_version":"1.1.0","new_version":"2.1.0","repository_url":"https://github.com/Rob--W/proxy-from-env"},{"name":"resolve","old_version":"1.22.11","new_version":"2.0.0-next.7","repository_url":"https://github.com/browserify/resolve"},{"name":"safe-array-concat","old_version":"1.1.3","new_version":"1.1.4","repository_url":"https://github.com/ljharb/safe-array-concat"},{"name":"side-channel-list","old_version":"1.0.0","new_version":"1.0.1","repository_url":"https://github.com/ljharb/side-channel-list"},{"name":"side-channel","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/ljharb/side-channel"},{"name":"string.prototype.trim","old_version":"1.2.10","new_version":"1.2.11","repository_url":"https://github.com/es-shims/String.prototype.trim"},{"name":"string.prototype.trimend","old_version":"1.0.9","new_version":"1.0.10","repository_url":"https://github.com/es-shims/String.prototype.trimEnd"},{"name":"tapable","old_version":"2.3.0","new_version":"2.3.3","repository_url":"https://github.com/webpack/tapable"},{"name":"tinyglobby","old_version":"0.2.15","new_version":"0.2.17","repository_url":"https://github.com/SuperchupuDev/tinyglobby"},{"name":"ts-api-utils","old_version":"2.1.0","new_version":"2.5.0","repository_url":"https://github.com/JoshuaKGoldberg/ts-api-utils"},{"name":"typed-array-length","old_version":"1.0.7","new_version":"1.0.8","repository_url":"https://github.com/inspect-js/typed-array-length"},{"name":"typescript-eslint","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"undici-types","old_version":"7.16.0","new_version":"7.24.6","repository_url":"https://github.com/nodejs/undici"},{"name":"unrs-resolver","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"update-browserslist-db","old_version":"1.2.2","new_version":"1.2.3","repository_url":"https://github.com/browserslist/update-db"},{"name":"which-typed-array","old_version":"1.1.19","new_version":"1.1.22","repository_url":"https://github.com/inspect-js/which-typed-array"}],"path":"/panel","ecosystem":"npm"},"body":"Bumps the dependencies group in /panel with 215 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |\n| [@radix-ui/react-alert-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/alert-dialog) | `1.1.15` | `1.1.16` |\n| [@radix-ui/react-avatar](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/avatar) | `1.1.11` | `1.1.12` |\n| [@radix-ui/react-checkbox](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox) | `1.3.3` | `1.3.4` |\n| [@radix-ui/react-collapsible](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/collapsible) | `1.1.12` | `1.1.13` |\n| [@radix-ui/react-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog) | `1.1.15` | `1.1.16` |\n| [@radix-ui/react-dropdown-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu) | `2.1.16` | `2.1.17` |\n| [@radix-ui/react-label](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/label) | `2.1.8` | `2.1.9` |\n| [@radix-ui/react-popover](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover) | `1.1.15` | `1.1.16` |\n| [@radix-ui/react-progress](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress) | `1.1.8` | `1.1.9` |\n| [@radix-ui/react-scroll-area](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area) | `1.2.10` | `1.2.11` |\n| [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.2.6` | `2.3.0` |\n| [@radix-ui/react-separator](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator) | `1.1.8` | `1.1.9` |\n| [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.2.4` | `1.2.5` |\n| [@radix-ui/react-switch](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/switch) | `1.2.6` | `1.3.0` |\n| [@radix-ui/react-tabs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tabs) | `1.1.13` | `1.1.14` |\n| [@radix-ui/react-tooltip](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tooltip) | `1.2.8` | `1.2.9` |\n| [@tailwindcss/typography](https://github.com/tailwindlabs/tailwindcss-typography) | `0.5.19` | `0.5.20` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.90.16` | `5.101.0` |\n| [axios](https://github.com/axios/axios) | `1.13.2` | `1.17.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.562.0` | `1.17.0` |\n| [next](https://github.com/vercel/next.js) | `16.1.1` | `16.2.9` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.3` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.8` | `19.2.17` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.3` | `19.2.7` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.71.0` | `7.78.0` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.3.5` | `4.4.3` |\n| [zustand](https://github.com/pmndrs/zustand) | `5.0.10` | `5.0.14` |\n| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.1.18` | `4.3.0` |\n| [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools) | `5.91.2` | `5.101.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.0.8` | `25.9.3` |\n| [eslint](https://github.com/eslint/eslint) | `9.39.2` | `10.4.1` |\n| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.1.1` | `16.2.9` |\n| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.1.18` | `4.3.0` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |\n| [@babel/code-frame](https://github.com/babel/babel/tree/HEAD/packages/babel-code-frame) | `7.27.1` | `7.29.7` |\n| [@babel/compat-data](https://github.com/babel/babel/tree/HEAD/packages/babel-compat-data) | `7.28.5` | `7.29.7` |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.28.5` | `7.29.7` |\n| [@babel/generator](https://github.com/babel/babel/tree/HEAD/packages/babel-generator) | `7.28.5` | `7.29.7` |\n| [@babel/helper-compilation-targets](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-compilation-targets) | `7.27.2` | `7.29.7` |\n| [@babel/helper-globals](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-globals) | `7.28.0` | `7.29.7` |\n| [@babel/helper-module-imports](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-module-imports) | `7.27.1` | `7.29.7` |\n| [@babel/helper-module-transforms](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-module-transforms) | `7.28.3` | `7.29.7` |\n| [@babel/helper-string-parser](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-string-parser) | `7.27.1` | `7.29.7` |\n| [@babel/helper-validator-identifier](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-validator-identifier) | `7.28.5` | `7.29.7` |\n| [@babel/helper-validator-option](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-validator-option) | `7.27.1` | `7.29.7` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.28.4` | `7.29.7` |\n| [@babel/parser](https://github.com/babel/babel/tree/HEAD/packages/babel-parser) | `7.28.5` | `7.29.7` |\n| [@babel/template](https://github.com/babel/babel/tree/HEAD/packages/babel-template) | `7.27.2` | `7.29.7` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.28.5` | `7.29.7` |\n| [@babel/types](https://github.com/babel/babel/tree/HEAD/packages/babel-types) | `7.28.5` | `7.29.7` |\n| [@emnapi/core](https://github.com/toyobayashi/emnapi) | `1.7.1` | `1.10.0` |\n| [@emnapi/runtime](https://github.com/toyobayashi/emnapi) | `1.7.1` | `1.10.0` |\n| [@emnapi/wasi-threads](https://github.com/toyobayashi/emnapi) | `1.1.0` | `1.2.1` |\n| [@eslint-community/eslint-utils](https://github.com/eslint-community/eslint-utils) | `4.9.0` | `4.9.1` |\n| [@eslint/config-array](https://github.com/eslint/rewrite/tree/HEAD/packages/config-array) | `0.21.1` | `0.23.5` |\n| [@eslint/config-helpers](https://github.com/eslint/rewrite/tree/HEAD/packages/config-helpers) | `0.4.2` | `0.6.0` |\n| [@eslint/core](https://github.com/eslint/rewrite/tree/HEAD/packages/core) | `0.17.0` | `1.2.1` |\n| [@eslint/object-schema](https://github.com/eslint/rewrite/tree/HEAD/packages/object-schema) | `2.1.7` | `3.0.5` |\n| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.4.1` | `0.7.2` |\n| [@floating-ui/core](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/core) | `1.7.3` | `1.7.5` |\n| [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) | `1.7.4` | `1.7.6` |\n| [@floating-ui/react-dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/react-dom) | `2.1.6` | `2.1.8` |\n| [@floating-ui/utils](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/utils) | `0.2.10` | `0.2.11` |\n| [@humanfs/core](https://github.com/humanwhocodes/humanfs) | `0.19.1` | `0.19.2` |\n| [@humanfs/node](https://github.com/humanwhocodes/humanfs/tree/HEAD/packages/node) | `0.16.7` | `0.16.8` |\n| [@img/colour](https://github.com/lovell/colour) | `1.0.0` | `1.1.0` |\n| [@napi-rs/wasm-runtime](https://github.com/napi-rs/napi-rs/tree/HEAD/wasm-runtime) | `0.2.12` | `1.1.5` |\n| [@next/env](https://github.com/vercel/next.js/tree/HEAD/packages/next-env) | `16.1.1` | `16.2.9` |\n| [@next/eslint-plugin-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-plugin-next) | `16.1.1` | `16.2.9` |\n| [@next/swc-darwin-arm64](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/darwin-arm64) | `16.1.1` | `16.2.9` |\n| [@next/swc-darwin-x64](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/darwin-x64) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-arm64-gnu](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-arm64-gnu) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-arm64-musl](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-arm64-musl) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-x64-gnu](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-x64-gnu) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-x64-musl](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-x64-musl) | `16.1.1` | `16.2.9` |\n| [@next/swc-win32-arm64-msvc](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/win32-arm64-msvc) | `16.1.1` | `16.2.9` |\n| [@next/swc-win32-x64-msvc](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/win32-x64-msvc) | `16.1.1` | `16.2.9` |\n| [@radix-ui/number](https://github.com/radix-ui/primitives/tree/HEAD/packages/core/number) | `1.1.1` | `1.1.2` |\n| [@radix-ui/primitive](https://github.com/radix-ui/primitives/tree/HEAD/packages/core/primitive) | `1.1.3` | `1.1.4` |\n| [@radix-ui/react-arrow](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/arrow) | `1.1.7` | `1.1.9` |\n| [@radix-ui/react-collection](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/collection) | `1.1.7` | `1.1.9` |\n| [@radix-ui/react-compose-refs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/compose-refs) | `1.1.2` | `1.1.3` |\n| [@radix-ui/react-context](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context) | `1.1.2` | `1.1.4` |\n| [@radix-ui/react-direction](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/direction) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-dismissable-layer](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dismissable-layer) | `1.1.11` | `1.1.12` |\n| [@radix-ui/react-focus-guards](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/focus-guards) | `1.1.3` | `1.1.4` |\n| [@radix-ui/react-focus-scope](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/focus-scope) | `1.1.7` | `1.1.9` |\n| [@radix-ui/react-id](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/id) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menu) | `2.1.16` | `2.1.17` |\n| [@radix-ui/react-popper](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popper) | `1.2.8` | `1.3.0` |\n| [@radix-ui/react-portal](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/portal) | `1.1.9` | `1.1.11` |\n| [@radix-ui/react-presence](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/presence) | `1.1.5` | `1.1.6` |\n| [@radix-ui/react-primitive](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/primitive) | `2.1.3` | `2.1.5` |\n| [@radix-ui/react-roving-focus](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/roving-focus) | `1.1.11` | `1.1.12` |\n| [@radix-ui/react-use-callback-ref](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-callback-ref) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-controllable-state](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-controllable-state) | `1.2.2` | `1.2.3` |\n| [@radix-ui/react-use-effect-event](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-effect-event) | `0.0.2` | `0.0.3` |\n| [@radix-ui/react-use-escape-keydown](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-escape-keydown) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-is-hydrated](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-is-hydrated) | `0.1.0` | `0.1.1` |\n| [@radix-ui/react-use-layout-effect](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-layout-effect) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-previous](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-previous) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-rect](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-rect) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-size](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-size) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-visually-hidden](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/visually-hidden) | `1.2.3` | `1.2.5` |\n| [@radix-ui/rect](https://github.com/radix-ui/primitives/tree/HEAD/packages/core/rect) | `1.1.1` | `1.1.2` |\n| [@tailwindcss/node](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-node) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-android-arm64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/android-arm64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-darwin-arm64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/darwin-arm64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-darwin-x64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/darwin-x64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-freebsd-x64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/freebsd-x64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-arm-gnueabihf](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-arm-gnueabihf) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-arm64-gnu](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-arm64-gnu) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-arm64-musl](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-arm64-musl) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-x64-gnu](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-x64-gnu) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-x64-musl](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-x64-musl) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-wasm32-wasi](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-win32-arm64-msvc](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/win32-arm64-msvc) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-win32-x64-msvc](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/win32-x64-msvc) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node) | `4.1.18` | `4.3.0` |\n| [@tanstack/query-core](https://github.com/TanStack/query/tree/HEAD/packages/query-core) | `5.90.16` | `5.101.0` |\n| [@tanstack/query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/query-devtools) | `5.92.0` | `5.101.0` |\n| [@tybys/wasm-util](https://github.com/toyobayashi/wasm-util) | `0.10.1` | `0.10.2` |\n| [@types/estree](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/estree) | `1.0.8` | `1.0.9` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/project-service](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/project-service) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/scope-manager](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/scope-manager) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/tsconfig-utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/tsconfig-utils) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/type-utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/type-utils) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/types](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/types) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/typescript-estree](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-estree) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/utils) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/visitor-keys](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/visitor-keys) | `8.49.0` | `8.61.0` |\n| [@unrs/resolver-binding-android-arm-eabi](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-android-arm64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-darwin-arm64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-darwin-x64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-freebsd-x64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm-gnueabihf](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm-musleabihf](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm64-musl](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-ppc64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-riscv64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-riscv64-musl](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-s390x-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-x64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-x64-musl](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-wasm32-wasi](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-win32-arm64-msvc](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-win32-ia32-msvc](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-win32-x64-msvc](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [acorn](https://github.com/acornjs/acorn) | `8.15.0` | `8.17.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [axe-core](https://github.com/dequelabs/axe-core) | `4.11.0` | `4.12.1` |\n| [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) | `2.9.7` | `2.10.36` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.15` |\n| [browserslist](https://github.com/browserslist/browserslist) | `4.28.1` | `4.28.2` |\n| [call-bind](https://github.com/ljharb/call-bind) | `1.0.8` | `1.0.9` |\n| [caniuse-lite](https://github.com/browserslist/caniuse-lite) | `1.0.30001760` | `1.0.30001799` |\n| [electron-to-chromium](https://github.com/Kilian/electron-to-chromium) | `1.5.267` | `1.5.371` |\n| [enhanced-resolve](https://github.com/webpack/enhanced-resolve) | `5.18.4` | `5.24.0` |\n| [es-abstract](https://github.com/ljharb/es-abstract) | `1.24.1` | `1.24.2` |\n| [es-iterator-helpers](https://github.com/es-shims/iterator-helpers) | `1.2.2` | `1.3.3` |\n| [es-object-atoms](https://github.com/ljharb/es-object-atoms) | `1.1.1` | `1.1.2` |\n| [eslint-import-resolver-node](https://github.com/import-js/eslint-plugin-import/tree/HEAD/resolvers/node) | `0.3.9` | `0.3.10` |\n| [eslint-module-utils](https://github.com/import-js/eslint-plugin-import/tree/HEAD/utils) | `2.12.1` | `2.13.0` |\n| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.1` |\n| [eslint-scope](https://github.com/eslint/js/tree/HEAD/packages/eslint-scope) | `8.4.0` | `9.1.2` |\n| [espree](https://github.com/eslint/js/tree/HEAD/packages/espree) | `10.4.0` | `11.2.0` |\n| [esquery](https://github.com/estools/esquery) | `1.6.0` | `1.7.0` |\n| [fastq](https://github.com/mcollina/fastq) | `1.19.1` | `1.20.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [function.prototype.name](https://github.com/es-shims/Function.prototype.name) | `1.1.8` | `1.2.0` |\n| [get-tsconfig](https://github.com/privatenumber/get-tsconfig) | `4.13.0` | `4.14.0` |\n| [globals](https://github.com/sindresorhus/globals) | `14.0.0` | `16.4.0` |\n| [hasown](https://github.com/inspect-js/hasOwn) | `2.0.2` | `2.0.4` |\n| [is-core-module](https://github.com/inspect-js/is-core-module) | `2.16.1` | `2.16.2` |\n| [jiti](https://github.com/unjs/jiti) | `2.6.1` | `2.7.0` |\n| [lightningcss-android-arm64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-darwin-arm64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-darwin-x64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-freebsd-x64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-arm-gnueabihf](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-arm64-gnu](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-arm64-musl](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-x64-gnu](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-x64-musl](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-win32-arm64-msvc](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-win32-x64-msvc](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.11` | `3.3.12` |\n| [node-releases](https://github.com/chicoxyzzy/node-releases) | `2.0.27` | `2.0.47` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [proxy-from-env](https://github.com/Rob--W/proxy-from-env) | `1.1.0` | `2.1.0` |\n| [resolve](https://github.com/browserify/resolve) | `1.22.11` | `2.0.0-next.7` |\n| [safe-array-concat](https://github.com/ljharb/safe-array-concat) | `1.1.3` | `1.1.4` |\n| [side-channel-list](https://github.com/ljharb/side-channel-list) | `1.0.0` | `1.0.1` |\n| [side-channel](https://github.com/ljharb/side-channel) | `1.1.0` | `1.1.1` |\n| [string.prototype.trim](https://github.com/es-shims/String.prototype.trim) | `1.2.10` | `1.2.11` |\n| [string.prototype.trimend](https://github.com/es-shims/String.prototype.trimEnd) | `1.0.9` | `1.0.10` |\n| [tapable](https://github.com/webpack/tapable) | `2.3.0` | `2.3.3` |\n| [tinyglobby](https://github.com/SuperchupuDev/tinyglobby) | `0.2.15` | `0.2.17` |\n| [ts-api-utils](https://github.com/JoshuaKGoldberg/ts-api-utils) | `2.1.0` | `2.5.0` |\n| [typed-array-length](https://github.com/inspect-js/typed-array-length) | `1.0.7` | `1.0.8` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.49.0` | `8.61.0` |\n| [undici-types](https://github.com/nodejs/undici) | `7.16.0` | `7.24.6` |\n| [unrs-resolver](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [update-browserslist-db](https://github.com/browserslist/update-db) | `1.2.2` | `1.2.3` |\n| [which-typed-array](https://github.com/inspect-js/which-typed-array) | `1.1.19` | `1.1.22` |\n\nUpdates `@hookform/resolvers` from 5.2.2 to 5.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/resolvers/releases\"\u003e@​hookform/resolvers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.3.0...v5.4.0\"\u003e5.4.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eadd guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)  (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e3d29924\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e\u003ccode\u003e3d29924\u003c/code\u003e\u003c/a\u003e feat: add guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/56b68f3798612601190a533887847d8fef2c94af\"\u003e\u003ccode\u003e56b68f3\u003c/code\u003e\u003c/a\u003e feat: 5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/cf8562d88ce3a1658676b2ef996347f29e05b3ee\"\u003e\u003ccode\u003ecf8562d\u003c/code\u003e\u003c/a\u003e update readme on ata-validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/5e5b6103692fa599ddacca39a03bf707e73a5012\"\u003e\u003ccode\u003e5e5b610\u003c/code\u003e\u003c/a\u003e fix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/72aacf8604d697a29a1859f8bffccf18adb86add\"\u003e\u003ccode\u003e72aacf8\u003c/code\u003e\u003c/a\u003e Revise supported versions in SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/ad89a20d869f2dc21b905168c5578b3522c01b64\"\u003e\u003ccode\u003ead89a20\u003c/code\u003e\u003c/a\u003e feat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/02286db88310fd23e1de61ad880c23e210801813\"\u003e\u003ccode\u003e02286db\u003c/code\u003e\u003c/a\u003e ci: updated publish workflow to use node 24 (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2e9bc7c7d02506d336e20d8c0bae0c479f3662ec\"\u003e\u003ccode\u003e2e9bc7c\u003c/code\u003e\u003c/a\u003e Fix(zodResolver): error paths in complex unions \u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/787\"\u003e#787\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.2...v5.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-alert-dialog` from 1.1.15 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/alert-dialog/CHANGELOG.md\"\u003e@​radix-ui/react-alert-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/alert-dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-alert-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-avatar` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/avatar/CHANGELOG.md\"\u003e@​radix-ui/react-avatar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-is-hydrated@0.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/avatar\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-avatar\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-checkbox` from 1.3.3 to 1.3.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/checkbox/CHANGELOG.md\"\u003e@​radix-ui/react-checkbox's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/checkbox\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-checkbox\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-collapsible` from 1.1.12 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/collapsible/CHANGELOG.md\"\u003e@​radix-ui/react-collapsible's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/collapsible\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-collapsible\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dialog` from 1.1.15 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md\"\u003e@​radix-ui/react-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed disabled pointer events in closed dialogs\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dropdown-menu` from 2.1.16 to 2.1.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dropdown-menu/CHANGELOG.md\"\u003e@​radix-ui/react-dropdown-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dropdown-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dropdown-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-label` from 2.1.8 to 2.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/label/CHANGELOG.md\"\u003e@​radix-ui/react-label's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/label\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-label\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-popover` from 1.1.15 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/popover/CHANGELOG.md\"\u003e@​radix-ui/react-popover's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/popover\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-popover\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-progress` from 1.1.8 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/progress/CHANGELOG.md\"\u003e@​radix-ui/react-progress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/progress\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-progress\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-scroll-area` from 1.2.10 to 1.2.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/scroll-area/CHANGELOG.md\"\u003e@​radix-ui/react-scroll-area's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003edata-state\u003c/code\u003e attribute for Scroll Area scrollbars\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/scroll-area\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-scroll-area\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-select` from 2.2.6 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md\"\u003e@​radix-ui/react-select's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eProvider\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Select. \u003ccode\u003eSelect.unstable_Provider\u003c/code\u003e sets up Select's context and state without implicitly rendering the hidden native \u003ccode\u003eselect\u003c/code\u003e, and \u003ccode\u003eSelect.unstable_BubbleInput\u003c/code\u003e exposes that previously internal native \u003ccode\u003eselect\u003c/code\u003e so consumers can recompose it explicitly. \u003ccode\u003eSelect\u003c/code\u003e continues to render both by default.\u003c/li\u003e\n\u003cli\u003eAdded support for presence-based exit animations in Select\u003c/li\u003e\n\u003cli\u003eFixed Select hidden input so it submits empty string when no value is selected\u003c/li\u003e\n\u003cli\u003eFixed placeholder rendering when a controlled Select is reset to an empty value\u003c/li\u003e\n\u003cli\u003eAdded missing \u003ccode\u003e__selectScope\u003c/code\u003e prop to \u003ccode\u003ePopperContent\u003c/code\u003e component\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelect\u003c/code\u003e closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelectValue\u003c/code\u003e logging invalid prop errors when used with both \u003ccode\u003easChild\u003c/code\u003e and a placeholder\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-select\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-separator` from 1.1.8 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/separator/CHANGELOG.md\"\u003e@​radix-ui/react-separator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/separator\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-separator\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-slot` from 1.2.4 to 1.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/slot/CHANGELOG.md\"\u003e@​radix-ui/react-slot's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed infinite re-render loop in React 19 caused by \u003ccode\u003eSlot\u003c/code\u003e creating a new ref callback on every render\u003c/li\u003e\n\u003cli\u003eAdded support for nested \u003ccode\u003eSlottable\u003c/code\u003e via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eImproved error messages for invalid slot children\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slot\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-slot\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-switch` from 1.2.6 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/switch/CHANGELOG.md\"\u003e@​radix-ui/react-switch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eProvider\u003c/code\u003e, \u003ccode\u003eTrigger\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Switch. These expose the previously internal composition (context provider, the interactive control, and the hidden form input) so consumers can directly access and recompose them. The \u003ccode\u003eSwitch\u003c/code\u003e component continues to render them by default.\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/switch\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-switch\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-tabs` from 1.1.13 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/tabs/CHANGELOG.md\"\u003e@​radix-ui/react-tabs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tabs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-tabs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-tooltip` from 1.2.8 to 1.2.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/tooltip/CHANGELOG.md\"\u003e@​radix-ui/react-tooltip's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed runtime error when event target is non-Node\u003c/li\u003e\n\u003cli\u003eFixed a Tooltip bug so that \u003ccode\u003eskipDelayDuration={0}\u003c/code\u003e works as expected. Previously, the open delay could still be skipped when moving between triggers.\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tooltip\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-tooltip\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tailwindcss/typography` from 0.5.19 to 0.5.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/releases\"\u003e@​tailwindcss/typography's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.20\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport installing with stable versions of Tailwind CSS v4 (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/pull/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/blob/main/CHANGELOG.md\"\u003e@​tailwindcss/typography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[0.5.20] - 2026-06-08\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport installing with stable versions of Tailwind CSS v4 (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/pull/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/e3714a3fe55551ce9d51eec4721183ed6b1d5cd1\"\u003e\u003ccode\u003ee3714a3\u003c/code\u003e\u003c/a\u003e 0.5.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/f34283d2961e18dd0dc2a849702e0dfd45fc80cb\"\u003e\u003ccode\u003ef34283d\u003c/code\u003e\u003c/a\u003e Update tailwindcss peer dependency version (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/543de4274390e90c4aab5d216729b46a3ba5541b\"\u003e\u003ccode\u003e543de42\u003c/code\u003e\u003c/a\u003e bump Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/881b0488df9fd05e5361276b66a9ee8e7f39a3a7\"\u003e\u003ccode\u003e881b048\u003c/code\u003e\u003c/a\u003e Setup OIDC (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/74a3da779bb43e4e68f446395224c768704c1fb6\"\u003e\u003ccode\u003e74a3da7\u003c/code\u003e\u003c/a\u003e Fix typo in README.md (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/413\"\u003e#413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/3963dfede4845f46451db1863fd5321f4cdea03b\"\u003e\u003ccode\u003e3963dfe\u003c/code\u003e\u003c/a\u003e Bump js-yaml from 3.14.1 to 3.14.2 (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/410\"\u003e#410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/abf85cc6e1b4f9b914b0f66453e5a97a9899a15c\"\u003e\u003ccode\u003eabf85cc\u003c/code\u003e\u003c/a\u003e className instead of classname (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/406\"\u003e#406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/compare/v0.5.19...v0.5.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tailwindcss/typography\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/react-query` from 5.90.16 to 5.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/3042860e3c8731c94ca4dec0e277e415d0484fce\"\u003e\u003ccode\u003e3042860\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/TanStack/query/commit/e631dc3fa17bff71f413246b7a770a730016d346\"\u003e\u003ccode\u003ee631dc3\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10857\"\u003e#10857\u003c/a\u003e \u003ca href=\"https://github.com/TanStack/query/commit/7cf5923308fb91f3eff0fe952d8c64676e2bdad7\"\u003e\u003ccode\u003e7cf5923\u003c/code\u003e\u003c/a\u003e - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.11\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.10\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/fcee7bdc429385ae8ffa224fa8a7a9ec7b8ee380\"\u003e\u003ccode\u003efcee7bd\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a\"\u003e\u003ccode\u003ef3d8d2a\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10774\"\u003e#10774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324\"\u003e\u003ccode\u003e532bb29\u003c/code\u003e\u003c/a\u003e fix(tests): disable local coverage instrumentation (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ba6e7beebd50143408f01fcf5d9aee2ec1486f60\"\u003e\u003ccode\u003eba6e7be\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e fix(react): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/05cf2bc0a4eae64959dc8a40152e2878190c971b\"\u003e\u003ccode\u003e05cf2bc\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10758\"\u003e#10758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e fix(query-core): use built-in NoInfer for generic indexed-access types (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10593\"\u003e#10593\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/5ff4f6936bb66a64267eb4413430f956eecf7248\"\u003e\u003ccode\u003e5ff4f69\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10755\"\u003e#10755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/3e85350749751eef055fffb65f6838dfafa74891\"\u003e\u003ccode\u003e3e85350\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10706\"\u003e#10706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/9d2692cec4d538c2f96489027ba546f11638dfb1\"\u003e\u003ccode\u003e9d2692c\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10695\"\u003e#10695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/74fa05eb1b16f40ea7068afd0e5e082687d22338\"\u003e\u003ccode\u003e74fa05e\u003c/code\u003e\u003c/a\u003e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.2 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cl...\n\n_Description has been truncated_","html_url":"https://github.com/rennf93/roboco/pull/118","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rennf93%2Froboco/issues/118","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/118/packages"},{"uuid":"4641959790","node_id":"PR_kwDOQBu2287lYxPv","number":13,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-06-14T02:39:15.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-11T15:32:56.000Z","updated_at":"2026-06-14T02:39:17.000Z","time_to_close":212779,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"glob","old_version":"10.4.5","new_version":"13.0.6","repository_url":"https://github.com/isaacs/node-glob"},{"name":"glob","old_version":"11.0.3","new_version":"11.1.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"vitest","old_version":"3.2.4","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"tar","old_version":"7.5.1","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@modelcontextprotocol/sdk","old_version":"1.15.1","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"undici","old_version":"7.15.0","new_version":"7.27.2","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"jws","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `13.0.6` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.3` | `11.1.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `4.1.8` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.1` | `7.5.16` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.15.1` | `1.29.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [undici](https://github.com/nodejs/undici) | `7.15.0` | `7.27.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 13.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.3 to 11.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.1 to 7.5.16\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/cf213384ac558b539c07c830ed7cca5ffc9e8550\"\u003e\u003ccode\u003ecf21338\u003c/code\u003e\u003c/a\u003e 7.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/21a822027658c8063542be330530bbecdf0dbbfe\"\u003e\u003ccode\u003e21a8220\u003c/code\u003e\u003c/a\u003e do not apply PAX header fields to meta entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/52632cf38fdbdbbc7ab86184d68a85b11fdb0970\"\u003e\u003ccode\u003e52632cf\u003c/code\u003e\u003c/a\u003e update project deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/302f51ff3f8eefeccc06be4caf7d0de9b7c321d7\"\u003e\u003ccode\u003e302f51f\u003c/code\u003e\u003c/a\u003e fix inconsequential typo in PENDINGLINKS symbol name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/55dbb99b27640bb12b2ac059b26883c23523b3e3\"\u003e\u003ccode\u003e55dbb99\u003c/code\u003e\u003c/a\u003e remove some uses of mutate-fs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.1...v7.5.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.15.1 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.29.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1820\"\u003emodelcontextprotocol/typescript-sdk#1820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e12cbd7078db388152f6e839abdbe09ba01f3f32\"\u003e\u003ccode\u003ee12cbd7\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.29.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1820\"\u003e#1820\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/3913fd4443a86536155e3ebef9edd2045c372c1e\"\u003e\u003ccode\u003e3913fd4\u003c/code\u003e\u003c/a\u003e fix(stdio): always set windowsHide on Windows, not just in Electron (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1640\"\u003e#1640\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5608e78dd0d4ca6cd7dd03278419578f1780365a\"\u003e\u003ccode\u003e5608e78\u003c/code\u003e\u003c/a\u003e [v1.x backport] Allow servers / clients to advertise extensions in the capabi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/7213816788e634ffb9d09affe50f0295093bfb73\"\u003e\u003ccode\u003e7213816\u003c/code\u003e\u003c/a\u003e v1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/364f38ca2d8895aed7c37b7a0a1031bb7ae4841c\"\u003e\u003ccode\u003e364f38c\u003c/code\u003e\u003c/a\u003e v1.x npm audit fix (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1780\"\u003e#1780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c95cc0943b045517e4cc414baf1f168b216c3142\"\u003e\u003ccode\u003ec95cc09\u003c/code\u003e\u003c/a\u003e Add typings exports (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/ddadaa6cc633fb5db0c094bf031b15b68a357820\"\u003e\u003ccode\u003eddadaa6\u003c/code\u003e\u003c/a\u003e [v1.x] fix: add missing size field to ResourceSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1575\"\u003e#1575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2a158513028d9f862c4188b6957e78cd5663f26b\"\u003e\u003ccode\u003e2a15851\u003c/code\u003e\u003c/a\u003e [v1.x] fix: disallow null (infinite) requested TTL (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1339\"\u003e#1339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/13e30f1d36de8442417fec695983bdb155c00768\"\u003e\u003ccode\u003e13e30f1\u003c/code\u003e\u003c/a\u003e fix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.15.1...v1.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/6fc2aa6b7672af08774b50aae00d97b99c5b5715\"\u003e\u003ccode\u003e6fc2aa6\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/af7393ac3404565dc8da655c2e7aeeed28c01ff7\"\u003e\u003ccode\u003eaf7393a\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4b5d1800370bf29b61a3378fb8086aeb231d3ef7\"\u003e\u003ccode\u003e4b5d180\u003c/code\u003e\u003c/a\u003e Fix another bug in diffWords's \u0026quot;intlSegmenter\u0026quot; mode (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/10da50c466709e7bd4b192dac96af0af46f8b7bd\"\u003e\u003ccode\u003e10da50c\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/666\"\u003e#666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/7.0.0...v9.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shell-quote` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md\"\u003eshell-quote's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ev1.8.4\u003c/a\u003e - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes \u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/ljharb/shell-quote/commit/9f3caa31900cc6ee64858b31134144c648ce206d\"\u003e\u003ccode\u003e9f3caa3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/ljharb/shell-quote/commit/3344a047dd1e95f71c4ca27522cbfd05c56277e0\"\u003e\u003ccode\u003e3344a04\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/699c5113d135f4d4591574bebf173334ffa453d4\"\u003e\u003ccode\u003e699c511\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/ff166e2b63eb5f932bd131a8886a99e9afdf45ae\"\u003e\u003ccode\u003eff166e2\u003c/code\u003e\u003c/a\u003e v1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github....\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/gemini-cli/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fgemini-cli/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"4632678706","node_id":"PR_kwDOQIL6Ks7k7Ec0","number":1,"state":"closed","title":"build(deps): bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-11T01:25:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-10T15:34:51.000Z","updated_at":"2026-06-11T01:25:40.000Z","time_to_close":35447,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"@babel/runtime","old_version":"7.17.8","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"base-x","old_version":"3.0.9","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"follow-redirects","old_version":"1.14.9","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"protocol-buffers-schema","old_version":"3.6.0","new_version":"3.6.1","repository_url":"https://github.com/mafintosh/protocol-buffers-schema"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tmp","old_version":"0.2.1","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /subgraphs/yeti-finance directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.17.8` | `7.29.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [protocol-buffers-schema](https://github.com/mafintosh/protocol-buffers-schema) | `3.6.0` | `3.6.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.1` | `0.2.7` |\n\n\nUpdates `@babel/runtime` from 7.17.8 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.9 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/3d43c0e16bfbc045a0a8bb6423e6e336df81b512\"\u003e\u003ccode\u003e3d43c0e\u003c/code\u003e\u003c/a\u003e 3.0.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/0a3544695fa6800649a8b78ed46cece61bcdbbe5\"\u003e\u003ccode\u003e0a35446\u003c/code\u003e\u003c/a\u003e Improve decoding performance\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.9...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.9 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.9...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.5...v3.1.6\"\u003ev3.1.6\u003c/a\u003e - 2026-05-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[New] add TypeScript type declarations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix an error \u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.4...v3.1.5\"\u003ev3.1.5\u003c/a\u003e - 2025-09-23\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] only allow finite iterations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/67bd94dbbf21b93f5e282ee910728945c8ef2827\"\u003e\u003ccode\u003e67bd94d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8f59d962f71dcb2cc14067d7f514ff96e3406f81\"\u003e\u003ccode\u003e8f59d96\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] check parameters before the \u0026quot;no Promise\u0026quot; bailout \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d2dc5f052cacadf3d4a09d87164158da875ca740\"\u003e\u003ccode\u003ed2dc5f0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.3...v3.1.4\"\u003ev3.1.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e, \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8dbf49b38235066c565a92eaf3722720a1333a2d\"\u003e\u003ccode\u003e8dbf49b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d15bc351de0edbed394d2a6189176960aaa0d050\"\u003e\u003ccode\u003ed15bc35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/aaf870b1d1855e6a381af05021f304294a79f7c9\"\u003e\u003ccode\u003eaaf870b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/ea4768bd09be327904b4ac075d9328c7c7ee2404\"\u003e\u003ccode\u003eea4768b\u003c/code\u003e\u003c/a\u003e v3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e [Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e [Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e [eslint] fix an error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e [New] add TypeScript type declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/36879052911703147a6dfa5e97422126bf3cda5b\"\u003e\u003ccode\u003e3687905\u003c/code\u003e\u003c/a\u003e v3.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protocol-buffers-schema` from 3.6.0 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a\"\u003e\u003ccode\u003e46c34bd\u003c/code\u003e\u003c/a\u003e 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c\"\u003e\u003ccode\u003e2351031\u003c/code\u003e\u003c/a\u003e Fixed parse.js to prevent Prototype Pollution (\u003ca href=\"https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70\"\u003e#70\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 1.16.3 to 1.16.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/6c89b946d0f0043f94a7deb8820f7c3922bc2568\"\u003e\u003ccode\u003e6c89b94\u003c/code\u003e\u003c/a\u003e 1.16.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/4884466fee755d3e462ea9390748a1bf802cdfde\"\u003e\u003ccode\u003e4884466\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/3c6eddb6008d14f4ca83a439dd432263d29ecb0f\"\u003e\u003ccode\u003e3c6eddb\u003c/code\u003e\u003c/a\u003e 1.16.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c5e7d961a50aaa9614fba3019516227756ea63b6\"\u003e\u003ccode\u003ec5e7d96\u003c/code\u003e\u003c/a\u003e hardlink tweak from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/ff6510d7ba63b6ee200442b80f4326f369e7d4bd\"\u003e\u003ccode\u003eff6510d\u003c/code\u003e\u003c/a\u003e 1.16.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/df4bca54402e1f03bcbee0bb8ccbe3c4ca84636e\"\u003e\u003ccode\u003edf4bca5\u003c/code\u003e\u003c/a\u003e port fix from main\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v1.16.3...v1.16.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tmp` from 0.2.1 to 0.2.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md\"\u003etmp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2 (2024-02-28)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/278\"\u003e#278\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/268\"\u003e#268\u003c/a\u003e: Revert \u0026quot;fix \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/246\"\u003e#246\u003c/a\u003e: remove any double quotes or single quotes… (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/279\"\u003e#279\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/266\"\u003e#266\u003c/a\u003e: move paragraph on graceful cleanup to the head of the documentation (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 5\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCarsten Klein (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDave Nicolson (\u003ca href=\"https://github.com/dnicolson\"\u003e\u003ccode\u003e@​dnicolson\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKARASZI István (\u003ca href=\"https://github.com/raszi\"\u003e\u003ccode\u003e@​raszi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMaxime Bargiel (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robertoaceves\"\u003e\u003ccode\u003e@​robertoaceves\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8ea1f37d75c67569e0f151448330d52f7babf211\"\u003e\u003ccode\u003e8ea1f37\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8f24f788a356b5d45c9bec894632bd4931338153\"\u003e\u003ccode\u003e8f24f78\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/ce787f37aaacccad921ae90990c9da33481fe59c\"\u003e\u003ccode\u003ece787f3\u003c/code\u003e\u003c/a\u003e Reject non-string prefix, postfix, template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/41f71598d03f104a67e0448a7cb9bd4efcdd5980\"\u003e\u003ccode\u003e41f7159\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/efa4a06f24374797ae32ab2b6ae39b7a611ae429\"\u003e\u003ccode\u003eefa4a06\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/7ef2728ce0211b8110b2033dfe62eaf030341acf\"\u003e\u003ccode\u003e7ef2728\u003c/code\u003e\u003c/a\u003e Check for relative values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/3d2fe387f3f91b13830b9182faa02c3231ea8258\"\u003e\u003ccode\u003e3d2fe38\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/e16282879e5d0554fe824e1ab3df724847e91183\"\u003e\u003ccode\u003ee162828\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/309\"\u003e#309\u003c/a\u003e from fflorent/fix-tmp-dir-with-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/b847d2f1a42b625c26149f4a2029ed00a1edf90b\"\u003e\u003ccode\u003eb847d2f\u003c/code\u003e\u003c/a\u003e Fix use of tmp.dir() with \u003ccode\u003edir\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/08fa3abac32b621506512724b28b56b9c4a95846\"\u003e\u003ccode\u003e08fa3ab\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/raszi/node-tmp/compare/v0.2.1...v0.2.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Domimueller85/subgraphs/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Domimueller85/subgraphs/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Domimueller85%2Fsubgraphs/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4627363898","node_id":"PR_kwDOGb1TMc7kppNR","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T02:25:38.000Z","updated_at":"2026-06-10T02:26:49.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"next","old_version":"12.0.4","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"apollo-server","old_version":"3.5.0","new_version":"3.13.0","repository_url":"https://github.com/apollographql/apollo-server"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.14.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@protobufjs/utf8","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/dcodeIO/protobuf.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.17.1","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"flatted","old_version":"3.2.0","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.14.1","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar","old_version":"6.1.11","new_version":"6.2.1","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [next](https://github.com/vercel/next.js) | `12.0.4` | `15.5.18` |\n| [apollo-server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server) | `3.5.0` | `3.13.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.14.5` | `7.29.7` |\n| [@protobufjs/utf8](https://github.com/dcodeIO/protobuf.js) | `1.1.0` | `1.1.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.0` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `next` from 12.0.4 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v12.0.4...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f519e1d7de8564259eb1c8c1c7523669bd9ad815\"\u003e\u003ccode\u003ef519e1d\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/985c0795579a1d39e7b78edce1c9e2e7c8facf82\"\u003e\u003ccode\u003e985c079\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/2bf7f66db91aa2919266afc16f18a918501178ee\"\u003e\u003ccode\u003e2bf7f66\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (main) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server/issues/6852\"\u003e#6852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f6c5c9fec04c222aa15272b90d203ddc3fe64857\"\u003e\u003ccode\u003ef6c5c9f\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/e6097d614c9ac6887b359529cf27c1bd1a5de59c\"\u003e\u003ccode\u003ee6097d6\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server@3.13.0/packages/apollo-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.14.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@protobufjs/utf8` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcodeIO/protobuf.js/releases\"\u003e@​protobufjs/utf8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs-cli: v1.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-cli-v1.1.0...protobufjs-cli-v1.1.1\"\u003e1.1.1\u003c/a\u003e (2023-02-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix relative path to Google pb files (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/1859\"\u003e#1859\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e42eea4868b11f4a07934804a56683321ed191e2\"\u003ee42eea4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dcodeIO/protobuf.js/compare/pool-v1.1.0...utf8-v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server-core` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/4745ebed69775959212bbca7b02cff65c1f0dc64\"\u003e\u003ccode\u003e4745ebe\u003c/code\u003e\u003c/a\u003e Rename option from disableValidation to dangerouslyDisableValidation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/11f5981067f570c60a0003b51f3d634ebd8fa792\"\u003e\u003ccode\u003e11f5981\u003c/code\u003e\u003c/a\u003e Add disableValidation option to apollo-server-core\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/1dd45b8366a6cee75e4ca321eeb5acf107e6c73e\"\u003e\u003ccode\u003e1dd45b8\u003c/code\u003e\u003c/a\u003e get CI passing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d38b43bac88acdef4295759d7dcc3d4c348d9575\"\u003e\u003ccode\u003ed38b43b\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-j5g3-5c8r-7qfx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/85540501642e9d4f9d7adcc1442885a2eddcc885\"\u003e\u003ccode\u003e8554050\u003c/code\u003e\u003c/a\u003e Update protobuf (version-3) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server-core/issues/7412\"\u003e#7412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server-core@3.13.0/packages/apollo-server-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.1...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/Eprince-hub/react-graphql-frontend-backend-lessons/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Eprince-hub%2Freact-graphql-frontend-backend-lessons/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4624033564","node_id":"PR_kwDORpA4s87keuYc","number":6,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 14 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T02:16:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T17:11:58.000Z","updated_at":"2026-06-14T02:16:29.000Z","time_to_close":378269,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"@opentelemetry/sdk-node","old_version":"0.206.0","new_version":"0.217.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"rollup","old_version":"4.22.5","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"samlify","old_version":"2.10.0","new_version":"2.13.0","repository_url":"https://github.com/tngan/samlify"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"yaml","old_version":"2.4.1","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"webpack","old_version":"5.101.3","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"ajv","old_version":"8.12.0","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"mailparser","old_version":"3.7.5","new_version":"3.9.3","repository_url":"https://github.com/nodemailer/mailparser"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [rollup](https://github.com/rollup/rollup) | `4.22.5` | `4.59.0` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [yaml](https://github.com/eemeli/yaml) | `2.4.1` | `2.8.3` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.101.3` | `5.104.1` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.18.0` |\n| [mailparser](https://github.com/nodemailer/mailparser) | `3.7.5` | `3.9.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/ai directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/claude directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/firecrawl directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/gmail directory: [nodemailer](https://github.com/nodemailer/nodemailer) and [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/google-sheets directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/imap directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/zoho-mail directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/smtp directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 7 updates in the /packages/server/api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/server/worker directory: [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js).\nBumps the npm_and_yarn group with 1 update in the /packages/web directory: [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@opentelemetry/sdk-node` from 0.206.0 to 0.217.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/releases\"\u003e@​opentelemetry/sdk-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eexperimental/v0.217.0\u003c/h2\u003e\n\u003ch2\u003e0.217.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(otlp-transformer): replace protobufjs trace serialization with custom implementation \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6625\"\u003e#6625\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using \u003ccode\u003ejson-schema-to-typescript\u003c/code\u003e and \u003ccode\u003eajv\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6533\"\u003e#6533\u003c/a\u003e \u003ca href=\"https://github.com/MikeGoldsmith\"\u003e\u003ccode\u003e@​MikeGoldsmith\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration, sdk-node): \u003ccode\u003estartNodeSDK()\u003c/code\u003e code path now uses \u003ccode\u003elog_level\u003c/code\u003e configuration to setup a DiagConsoleLogger \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6668\"\u003e#6668\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eNote that allowed values for \u003ccode\u003elog_level\u003c/code\u003e in a configuration YAML file are \u003cem\u003enot\u003c/em\u003e the same set as for \u003ccode\u003eOTEL_LOG_LEVEL\u003c/code\u003e. Use \u003ccode\u003elog_level: trace\u003c/code\u003e to see \u003cem\u003eall\u003c/em\u003e logs (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=ALL\u003c/code\u003e). Use \u003ccode\u003elog_level: fatal\u003c/code\u003e to effectively disable the SDK's internal diagnostic logger (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=NONE\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003elog_level\u003c/code\u003e is not specified, a diagnostic console logger at \u0026quot;info\u0026quot; level will be setup.\u003c/li\u003e\n\u003cli\u003eAn invalid YAML config file will now result in a noop OTel SDK.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(configuration): do not validate \u003ccode\u003eOTEL_CONFIG_FILE\u003c/code\u003e value before using it for file config \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6643\"\u003e#6643\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6650\"\u003e#6650\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6657\"\u003e#6657\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve handling of enums in generated types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6659\"\u003e#6659\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve the technique for removing '| null' on types the JSON Schema \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6662\"\u003e#6662\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sampler-jaeger-remote): add missing axios dep \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6656\"\u003e#6656\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6674\"\u003e#6674\u003c/a\u003e \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.216.0\u003c/h2\u003e\n\u003ch2\u003e0.216.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6427\"\u003e#6427\u003c/a\u003e \u003ca href=\"https://github.com/ravitheja4531-cell\"\u003e\u003ccode\u003e@​ravitheja4531-cell\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(sdk-node): set TracerProvider in startNodeSDK() \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6607\"\u003e#6607\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(instrumentation-xml-http-request): avoid unwrapping \u003ccode\u003eXMLHttpRequest\u003c/code\u003e API when disabling \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6611\"\u003e#6611\u003c/a\u003e \u003ca href=\"https://github.com/david-luna\"\u003e\u003ccode\u003e@​david-luna\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-fetch): tolerate non-writable \u003ccode\u003eglobalThis.fetch\u003c/code\u003e and fix premature \u003ccode\u003e_isEnabled\u003c/code\u003e / \u003ccode\u003e_isFetchPatched\u003c/code\u003e flips in \u003ccode\u003eenable()\u003c/code\u003e \u003ca href=\"https://github.com/brunorodmoreira\"\u003e\u003ccode\u003e@​brunorodmoreira\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-xhr): resolve relative URLs before matching \u003ccode\u003eignoreUrls\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6551\"\u003e#6551\u003c/a\u003e \u003ca href=\"https://github.com/Maximiliano-Zeballos\"\u003e\u003ccode\u003e@​Maximiliano-Zeballos\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sdk-node): fix setting of ViewOption#name from ConfigurationModel \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6620\"\u003e#6620\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(web-common): add limit for timeout \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6601\"\u003e#6601\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6646\"\u003e#6646\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:house: Internal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest(otlp-transformer): add metrics transform benchmark \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6628\"\u003e#6628\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6636\"\u003e#6636\u003c/a\u003e \u003ca href=\"https://github.com/cjihrig\"\u003e\u003ccode\u003e@​cjihrig\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.215.0\u003c/h2\u003e\n\u003ch2\u003e0.215.0\u003c/h2\u003e\n\u003ch3\u003e:boom: Breaking Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/74cde1b674508ccc0ed2601ac43a80ff2d35114c\"\u003e\u003ccode\u003e74cde1b\u003c/code\u003e\u003c/a\u003e chore: prepare next release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6675\"\u003e#6675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/e8f439adcbec23261d26fcc205f4d2a6d74f16c7\"\u003e\u003ccode\u003ee8f439a\u003c/code\u003e\u003c/a\u003e fix: handle malformed URLs in Prometheus exporter request handler (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6674\"\u003e#6674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ab3a2e280e589a43d705278be5e8c8308b1b4081\"\u003e\u003ccode\u003eab3a2e2\u003c/code\u003e\u003c/a\u003e feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/d5b7d1e5c6cd3c9547137d0cc6a5185b7b5a8155\"\u003e\u003ccode\u003ed5b7d1e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency axios to v1.15.2 [security] (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6670\"\u003e#6670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/c16361877b77828d324733a4c8bed6d2ed10c884\"\u003e\u003ccode\u003ec163618\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to e46ed2c (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6661\"\u003e#6661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ec2bfbe0b2afb9d29725140b2d0350e47e23250d\"\u003e\u003ccode\u003eec2bfbe\u003c/code\u003e\u003c/a\u003e chore(configuration): move config generation scripts into the configuration p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/acc9ecd99591c054e9f3b9d9e36cbd4333bb1411\"\u003e\u003ccode\u003eacc9ecd\u003c/code\u003e\u003c/a\u003e chore(configuration): cosmetic changes to generated types.ts (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6663\"\u003e#6663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/8f008ece4ee20ad7ef55f673c208010ddb59f751\"\u003e\u003ccode\u003e8f008ec\u003c/code\u003e\u003c/a\u003e chore: Move inactive members to emeritus (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6649\"\u003e#6649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/435431e4705fd1fb45eec009a3f831b91e6673cd\"\u003e\u003ccode\u003e435431e\u003c/code\u003e\u003c/a\u003e fix(configuration): improve the technique for removing '| null' on types due ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/42220244e99c5ace5c2ac7365d232d3b9d1038b2\"\u003e\u003ccode\u003e4222024\u003c/code\u003e\u003c/a\u003e fix(configuration): improve handling of enums in generated types (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6659\"\u003e#6659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/compare/experimental/v0.206.0...experimental/v0.217.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 7.0.11 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.22.5 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.57.1\u003c/h2\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6252\"\u003e#6252\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6253\"\u003e#6253\u003c/a\u003e: chore(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6254\"\u003e#6254\u003c/a\u003e: Fully include dynamic imports in a try-catch (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476\"\u003e\u003ccode\u003eae84695\u003c/code\u003e\u003c/a\u003e 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93\"\u003e\u003ccode\u003eb39616e\u003c/code\u003e\u003c/a\u003e Update audit-resolve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\"\u003e\u003ccode\u003ec60770d\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6275\"\u003e#6275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662\"\u003e\u003ccode\u003e33f39c1\u003c/code\u003e\u003c/a\u003e 4.58.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca\"\u003e\u003ccode\u003eb61c408\u003c/code\u003e\u003c/a\u003e forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6\"\u003e\u003ccode\u003e7f00689\u003c/code\u003e\u003c/a\u003e Extend agent instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4\"\u003e\u003ccode\u003ee7b2b85\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6270\"\u003e#6270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970\"\u003e\u003ccode\u003e2aa5da9\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6267\"\u003e#6267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec\"\u003e\u003ccode\u003e4319837\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6269\"\u003e#6269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233\"\u003e\u003ccode\u003ec3b6b4b\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6268\"\u003e#6268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.22.5...v4.59.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `samlify` from 2.10.0 to 2.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tngan/samlify/releases\"\u003esamlify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.11 to 0.8.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/603\"\u003etngan/samlify#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/605\"\u003etngan/samlify#605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/606\"\u003etngan/samlify#606\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject promises with Error instances, not raw strings (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/581\"\u003e#581\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/607\"\u003etngan/samlify#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support simpleSign binding for logout request/response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/584\"\u003e#584\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/608\"\u003etngan/samlify#608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: correct the parseResult example in saml-response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/518\"\u003e#518\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/609\"\u003etngan/samlify#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify that wantMessageSigned and signatureConfig are SP options (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/516\"\u003e#516\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/610\"\u003etngan/samlify#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRFC-0001: introduce .skills/ and mandatory SAML 2.0 spec citation workflow by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/611\"\u003etngan/samlify#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request relayState for login + logout (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/163\"\u003e#163\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/612\"\u003etngan/samlify#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: 2026-04 audit — patch vite, fix XXE bypass, reject unknown sig algs by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/613\"\u003etngan/samlify#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: omit AuthnRequest attributes whose value is null/undefined (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/455\"\u003e#455\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/614\"\u003etngan/samlify#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pass SessionIndex through createLogoutRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/615\"\u003etngan/samlify#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: throw a clear error when redirect binding has no SSO/SLO endpoint (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/308\"\u003e#308\u003c/a\u003e \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/405\"\u003e#405\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/617\"\u003etngan/samlify#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLAG (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/453\"\u003e#453\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/616\"\u003etngan/samlify#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/454\"\u003e#454\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/619\"\u003etngan/samlify#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/618\"\u003etngan/samlify#618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/620\"\u003etngan/samlify#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/621\"\u003etngan/samlify#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/622\"\u003etngan/samlify#622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/625\"\u003etngan/sa...\n\n_Description has been truncated_","html_url":"https://github.com/jeremiah9980/activepieces/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremiah9980%2Factivepieces/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4617834555","node_id":"PR_kwDOR0-1ec7kKPBF","number":7,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-09T01:02:33.000Z","updated_at":"2026-06-09T01:03:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":12,"packages":[{"name":"drizzle-orm","old_version":"0.45.1","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"fastify","old_version":"5.7.2","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"yaml","old_version":"2.8.2","new_version":"2.9.0","repository_url":"https://github.com/eemeli/yaml"},{"name":"vite","old_version":"7.3.1","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"vitest","old_version":"3.2.4","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"ajv","old_version":"8.17.1","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"7.13.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"4.56.0","new_version":"4.61.1","repository_url":"https://github.com/rollup/rollup"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.45.1` | `0.45.2` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.2` | `5.8.5` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [yaml](https://github.com/eemeli/yaml) | `2.8.2` | `2.9.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.2` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `3.2.6` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.20.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.13.0` | `7.17.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.56.0` | `4.61.1` |\n| [ws](https://github.com/websockets/ws) | `8.19.0` | `8.21.0` |\n\n\nUpdates `drizzle-orm` from 0.45.1 to 0.45.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/releases\"\u003edrizzle-orm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.45.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003esql.identifier()\u003c/code\u003e, \u003ccode\u003esql.as()\u003c/code\u003e escaping issues. Previously all the values passed to this functions were not properly escaped\ncausing a possible SQL Injection (CWE-89) vulnerability\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/EthanKim88\"\u003e\u003ccode\u003e@​EthanKim88\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/0x90sh\"\u003e\u003ccode\u003e@​0x90sh\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/wgoodall01\"\u003e\u003ccode\u003e@​wgoodall01\u003c/code\u003e\u003c/a\u003e for reaching out to us with a reproduction and suggested fix\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/273c78071d4841b497f5144734b38294df7ec64b\"\u003e\u003ccode\u003e273c780\u003c/code\u003e\u003c/a\u003e + 0.45.2 (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5534\"\u003e#5534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/4aa6ecfee4b4728dadf6f77f071a149878a3c6c0\"\u003e\u003ccode\u003e4aa6ecf\u003c/code\u003e\u003c/a\u003e Kit updates (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5490\"\u003e#5490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e8e6edfef5ca69c6188d320388ad440265911057\"\u003e\u003ccode\u003ee8e6edf\u003c/code\u003e\u003c/a\u003e feat(drizzle-kit): support d1 via binding (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5302\"\u003e#5302\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/compare/0.45.1...0.45.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.2 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.2...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 13.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yaml` from 2.8.2 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eemeli/yaml/releases\"\u003eyaml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.0\u003c/h2\u003e\n\u003cp\u003eThe changes here are really only patches, but I'm releasing this as a minor version to note a small change to the documentation of \u003ccode\u003eparseDocument()\u003c/code\u003e and \u003ccode\u003eparseAllDocuments()\u003c/code\u003e: I've removed the claim that they'll \u0026quot;never throw\u0026quot;.\u003c/p\u003e\n\u003cp\u003eIt remains the case that practically all non-malicious inputs will be handled without emitting an error, but there is a decent chance that code paths remain where e.g. a RangeError due to call stack exhaustion can be triggered by malicious inputs. Up to now, I've considered these as security vulnerabilities, and in fact it's the only category of error for which \u003ccode\u003eyaml\u003c/code\u003e CVEs have been issued so far.\u003c/p\u003e\n\u003cp\u003eStarting from this release, I'll be considering such errors as bugs, but not vulnerabilities. I do welcome people and/or LLMs looking for them, but please report them as normal issues rather than suspected security vulnerabilities. This also applies to previously undiscovered bugs in earlier releases.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: Avoid calling \u003ccode\u003eArray.prototype.push.apply()\u003c/code\u003e with large source array\u003c/li\u003e\n\u003cli\u003efix(lexer): Avoid recursive calls that may exhaust the call stack\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisable alias resolution with \u003ccode\u003emaxAliasCount:0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle invalid unicode escapes (e1a1a77)\u003c/li\u003e\n\u003cli\u003eApply \u003ccode\u003eminFractionDigits\u003c/code\u003e only to decimal strings (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003etrailingComma\u003c/code\u003e ToString option for multiline flow formatting (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCatch stack overflow during node composition (1e84ebb)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/ddb21b04cb889722cec8f89dc1b67f19d62d7f7d\"\u003e\u003ccode\u003eddb21b0\u003c/code\u003e\u003c/a\u003e 2.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/167365befdae1f03d53d47a8c6533140a9d48a75\"\u003e\u003ccode\u003e167365b\u003c/code\u003e\u003c/a\u003e docs: Clarify that not all errors can be avoided\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/6eca2a7087548f86c4edb6a7cf2cdfe548759f06\"\u003e\u003ccode\u003e6eca2a7\u003c/code\u003e\u003c/a\u003e fix: Avoid calling Array.prototype.push.apply() with large source array\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/0543cd57fd61ea15a58e9f0ec2064b8b408177d8\"\u003e\u003ccode\u003e0543cd5\u003c/code\u003e\u003c/a\u003e fix(lexer): Avoid recursive calls that may exhaust the call stack\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/ccdf7439587544f64223429498a1d9ec514eaac1\"\u003e\u003ccode\u003eccdf743\u003c/code\u003e\u003c/a\u003e 2.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/f625789dbd971c936ff66fe5c49e368062ae7b41\"\u003e\u003ccode\u003ef625789\u003c/code\u003e\u003c/a\u003e fix: Disable alias resolution with maxAliasCount:0 (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/e1a1a7735ff2e9717b87af36795bcd280f85f55d\"\u003e\u003ccode\u003ee1a1a77\u003c/code\u003e\u003c/a\u003e fix: Handle invalid unicode escapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/a163ea009c57ab9f1054ca39b24b6ef4c1e9fdbe\"\u003e\u003ccode\u003ea163ea0\u003c/code\u003e\u003c/a\u003e style: Satify Prettier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/b2a5a6c615673056917aaa04d657802945e81425\"\u003e\u003ccode\u003eb2a5a6c\u003c/code\u003e\u003c/a\u003e fix: Apply minFractionDigits only to decimal strings (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/93c951b3478b4bb061d7b5227fd64f46d3f9df7f\"\u003e\u003ccode\u003e93c951b\u003c/code\u003e\u003c/a\u003e chore: Bump JSR version to v2.8.3 (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eemeli/yaml/compare/v2.8.2...v2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.3.1 to 7.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add support for node 22/24, drop node 16/21 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2580\"\u003eajv-validator/ajv#2580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add ES2022.RegExp for RegExpIndicesArray by \u003ca href=\"https://github.com/SignpostMarv\"\u003e\u003ccode\u003e@​SignpostMarv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2604\"\u003eajv-validator/ajv#2604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix prototype pollution via format keyword using $data ref by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2607\"\u003eajv-validator/ajv#2607\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/0fba0b8e649909613cfce0999b149cd08f4a4987\"\u003e\u003ccode\u003e0fba0b8\u003c/code\u003e\u003c/a\u003e 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/9caf8d64409b05e2c670b3ff09cf7ca07937342e\"\u003e\u003ccode\u003e9caf8d6\u003c/code\u003e\u003c/a\u003e fix: add ES2022.RegExp for RegExpIndicesArray; fixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2603\"\u003eajv-validator/ajv#2603\u003c/a\u003e (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/206535071f776f57737394c8896d4b2dc2bfb9a3\"\u003e\u003ccode\u003e2065350\u003c/code\u003e\u003c/a\u003e fix: add support for node 22/24, drop node 16/21 (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2580\"\u003e#2580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/154b58d690c6596e09ca676e12720ab8234ee3d2\"\u003e\u003ccode\u003e154b58d\u003c/code\u003e\u003c/a\u003e 8.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e8d2bdc501b3ba6f03922db5e595770d4763d9da\"\u003e\u003ccode\u003ee8d2bdc\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2607\"\u003e#2607\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.1.0 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/919dd8ea7689fcc220d0d9b71307f5095e723ef9\"\u003e\u003ccode\u003e919dd8e\u003c/code\u003e\u003c/a\u003e Bumped v3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c65ba573714af6b8e19e481d9444c27bc4355d07\"\u003e\u003ccode\u003ec65ba57\u003c/code\u003e\u003c/a\u003e fixup: linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/6c86c17c3d76fb93aa3700ec6c0fa00faeb97293\"\u003e\u003ccode\u003e6c86c17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/a95158ad308df4d92bbde4eba699ce5165e9f796\"\u003e\u003ccode\u003ea95158a\u003c/code\u003e\u003c/a\u003e Handle malformed fragment decoding without throwing (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/cea547c91c6aae610041b17b75792ca4aa035a6d\"\u003e\u003ccode\u003ecea547c\u003c/code\u003e\u003c/a\u003e Bumped v3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/876ce79b662c3e5015e4e7dffe6f37752ad34f35\"\u003e\u003ccode\u003e876ce79\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/dcdf690b71a7bb3a19887ada65a9ab160d83bcc0\"\u003e\u003ccode\u003edcdf690\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c860e6589b1ac346f66e114b4eadb9613768108c\"\u003e\u003ccode\u003ec860e65\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/9b4c6dc82fde0ca44e674403ece9185d85bb6d5f\"\u003e\u003ccode\u003e9b4c6dc\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/85d09a9f7aa76b32c2bb005a90a71e144c361d24\"\u003e\u003ccode\u003e85d09a9\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 7.13.0 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eShip a subset of the official documentation inside the \u003ccode\u003ereact-router\u003c/code\u003e package (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15121\"\u003e#15121\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eMarkdown docs are now available in \u003ccode\u003enode_modules/react-router/docs\u003c/code\u003e, letting AI coding agents and the React Router agent skills read official docs locally\u003c/li\u003e\n\u003cli\u003eExcludes auto-generated API docs (\u003ccode\u003eapi/\u003c/code\u003e), \u003ccode\u003ecommunity/\u003c/code\u003e content, and tutorials (\u003ccode\u003etutorials/\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStabilize \u003ccode\u003efuture.unstable_trailingSlashAwareDataRequests\u003c/code\u003e as \u003ccode\u003efuture.v8_trailingSlashAwareDataRequests\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisable manifest path when lazy route dicovery is disabled (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15068\"\u003e#15068\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix browser URL creation to use the configured history window instead of the global window. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15066\"\u003e#15066\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePass the history/router window through to \u003ccode\u003ecreateBrowserURLImpl\u003c/code\u003e so custom window contexts keep the correct URL origin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003euseNavigation()\u003c/code\u003e return type to preserve discriminated union across navigation states (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15095\"\u003e#15095\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWiden \u003ccode\u003eMetaDescriptor\u003c/code\u003e \u003ccode\u003escript:ld+json\u003c/code\u003e type from \u003ccode\u003eLdJsonObject\u003c/code\u003e to \u003ccode\u003eLdJsonObject | LdJsonObject[]\u003c/code\u003e to permit multiple JSON-LD schemas in a single \u003ccode\u003e\u0026lt;script type=\u0026quot;application/ld+json\u0026quot;\u0026gt;\u003c/code\u003e tag emitted by \u003ccode\u003e\u0026lt;Meta /\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15082\"\u003e#15082\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eserverLoader()\u003c/code\u003e returning stale SSR data when a client navigation aborts pending hydration before the hydration \u003ccode\u003eclientLoader\u003c/code\u003e resolves (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15022\"\u003e#15022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRouterProvider\u003c/code\u003e \u003ccode\u003eonError\u003c/code\u003e callback not being called for synchronous initial loader errors in SPA mode (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15039\"\u003e#15039\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14942\"\u003e#14942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMemoize \u003ccode\u003euseFetchers\u003c/code\u003e to return a stable identity and only change if fetchers changed (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInternal refactor to consolidate mutation request detection through shared utility (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15033\"\u003e#15033\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnstable Changes\u003c/h3\u003e\n\u003cp\u003e⚠️ \u003cem\u003e\u003ca href=\"https://reactrouter.com/community/api-development-strategy#unstable-flags\"\u003eUnstable features\u003c/a\u003e are not recommended for production use\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a new \u003ccode\u003eunstable_useRouterState()\u003c/code\u003e hook that consolidates access to active and pending router states (RFC: \u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/12358\"\u003e#12358\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15017\"\u003e#15017\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eData/Framework/RSC only — throws when used without a data router\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThis should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003euseLocation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseSearchParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseMatches\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigationType\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/963affeb924f2256bd20c0c5c87e4c4b4fcbd188\"\u003e\u003ccode\u003e963affe\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97ef91d6f97e883d2d830fd1aef35ed3ae55e3a1\"\u003e\u003ccode\u003e97ef91d\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/c509c160d4258961ca0156ec083e35f3cf2bf97e\"\u003e\u003ccode\u003ec509c16\u003c/code\u003e\u003c/a\u003e Publish React Router docs in package (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15121\"\u003e#15121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/508d667460a3efd4b937cb67ca79494ea78960c4\"\u003e\u003ccode\u003e508d667\u003c/code\u003e\u003c/a\u003e docs: fix documentation accuracy issues (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15128\"\u003e#15128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/4099277ed68056bf480a4e0988b5a3bc685538cd\"\u003e\u003ccode\u003e4099277\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/582035467f34645521a2b272c3ec52906a495da4\"\u003e\u003ccode\u003e5820354\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8984d23f86ca7ae5655711744b77816090bda4e6\"\u003e\u003ccode\u003e8984d23\u003c/code\u003e\u003c/a\u003e Release v7.16.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15105\"\u003e#15105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d71025d9b86854180c995cb36fd3d28f58c459bf\"\u003e\u003ccode\u003ed71025d\u003c/code\u003e\u003c/a\u003e Stabilize trailing slash aware data requests (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6e21b638e1e692eaf19a8ff98ec05d28d5b23c70\"\u003e\u003ccode\u003e6e21b63\u003c/code\u003e\u003c/a\u003e fix: keep useNavigation() return type a discriminated union (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15095\"\u003e#15095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@7.17.0/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.56.0 to 4.61.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.61.1\u003c/h2\u003e\n\u003ch2\u003e4.61.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-04\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid extraneous newlines when adding headers via plugins (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6403\"\u003e#6403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a rare issue where starting Rollup would hang on Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6404\"\u003e#6404\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6402\"\u003e#6402\u003c/a\u003e: Improve documentation for manualPureFunctions (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6403\"\u003e#6403\u003c/a\u003e: Does not add an extra leading line feed for addons (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6404\"\u003e#6404\u003c/a\u003e: fix: set report.excludeNetwork=true before getReport() to avoid blocking PTR lookups (\u003ca href=\"https://github.com/jdz321\"\u003e\u003ccode\u003e@​jdz321\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.61.0\u003c/h2\u003e\n\u003ch2\u003e4.61.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-01\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSort entry modules to make chunk hashes deterministic (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6391\"\u003e#6391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6376\"\u003e#6376\u003c/a\u003e: Eliminate AWS credential exposure on fork PRs in REPL artefact workflow (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6378\"\u003e#6378\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6379\"\u003e#6379\u003c/a\u003e: chore(deps): update dependency lint-staged to v17 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6380\"\u003e#6380\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6381\"\u003e#6381\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6382\"\u003e#6382\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to ^20.19.41 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6386\"\u003e#6386\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6387\"\u003e#6387\u003c/a\u003e: chore(deps): update aws-actions/configure-aws-credentials action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6388\"\u003e#6388\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6389\"\u003e#6389\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6391\"\u003e#6391\u003c/a\u003e: Sort entry modules to make chunk hash names deterministic (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6394\"\u003e#6394\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6395\"\u003e#6395\u003c/a\u003e: chore(deps): update react monorepo to v19 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6396\"\u003e#6396\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v57 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6397\"\u003e#6397\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6400\"\u003e#6400\u003c/a\u003e: docs: fix broken links (\u003ca href=\"https://github.com/jiyujie2006\"\u003e\u003ccode\u003e@​jiyujie2006\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.60.4\u003c/h2\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.61.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-04\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid extraneous newlines when adding headers via plugins (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6403\"\u003e#6403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a rare issue where starting Rollup would hang on Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6404\"\u003e#6404\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6402\"\u003e#6402\u003c/a\u003e: Improve documentation for manualPureFunctions (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6403\"\u003e#6403\u003c/a\u003e: Does not add an extra leading line feed for addons (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6404\"\u003e#6404\u003c/a\u003e: fix: set report.excludeNetwork=true before getReport() to avoid blocking PTR lookups (\u003ca href=\"https://github.com/jdz321\"\u003e\u003ccode\u003e@​jdz321\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.61.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-01\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSort entry modules to make chunk hashes deterministic (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6391\"\u003e#6391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6376\"\u003e#6376\u003c/a\u003e: Eliminate AWS credential exposure on fork PRs in REPL artefact workflow (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6378\"\u003e#6378\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6379\"\u003e#6379\u003c/a\u003e: chore(deps): update dependency lint-staged to v17 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6380\"\u003e#6380\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6381\"\u003e#6381\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6382\"\u003e#6382\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to ^20.19.41 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6386\"\u003e#6386\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6387\"\u003e#6387\u003c/a\u003e: chore(deps): update aws-actions/configure-aws-credentials action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6388\"\u003e#6388\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6389\"\u003e#6389\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6391\"\u003e#6391\u003c/a\u003e: Sort entry modules to make chunk hash names deterministic (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6394\"\u003e#6394\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6395\"\u003e#6395\u003c/a\u003e: chore(deps): update react monorepo to v19 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6396\"\u003e#6396\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v57 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6397\"\u003e#6397\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6400\"\u003e#6400\u003c/a\u003e: docs: fix broken links (\u003ca href=\"https://github.com/jiyujie2006\"\u003e\u003ccode\u003e@​jiyujie2006\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove stability of chunk hashes (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nBump backend and frontend dependencies to address recent security advisories and keep tooling current. Notable updates include `fastify` security fixes, safer SQL identifier escaping in `drizzle-orm`, and `uuid` v14 (Node 20+).\n\n- **Dependencies**\n  - Security: `fastify@5.8.5`, `fast-uri@3.1.2`, `picomatch@4.0.4`, `vite@7.3.2`.\n  - Backend: `drizzle-orm@0.45.2` (fixes identifier escaping), `uuid@14.0.0`, `yaml@2.9.0`, `ws@8.21.0`.\n  - Frontend: `react-router-dom@7.17.0` (and `react-router@7.17.0`).\n  - Tooling: `vitest@3.2.6`, `rollup@4.61.1`.\n\n- **Migration**\n  - Ensure Node 20+ in all environments due to `uuid@14` expecting global `crypto`.\n\n\u003csup\u003eWritten for commit fe1ed5f601f56ae36b7a11043f7af703d8e76d6c. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/Prekzursil/ralph-orchestrator/pull/7?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Prekzursil/ralph-orchestrator/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prekzursil%2Fralph-orchestrator/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4617440918","node_id":"PR_kwDOP1uBys7kI8Na","number":10,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-08T23:42:18.000Z","updated_at":"2026-06-08T23:43:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"@react-router/node","old_version":"7.9.1","new_version":"7.9.4","repository_url":"https://github.com/remix-run/react-router"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"react-router","old_version":"7.9.1","new_version":"7.15.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"smol-toml","old_version":"1.4.1","new_version":"1.6.1","repository_url":"https://github.com/squirrelchat/smol-toml"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"playwright","old_version":"1.53.2","new_version":"1.55.1","repository_url":"https://github.com/microsoft/playwright"},{"name":"storybook","old_version":"9.1.1","new_version":"9.1.19","repository_url":"https://github.com/storybookjs/storybook"},{"name":"vite","old_version":"6.3.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"vitest","old_version":"3.2.4","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 9 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) | `7.9.1` | `7.9.4` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.9.1` | `7.15.0` |\n| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.4.1` | `1.6.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.53.2` | `1.55.1` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `9.1.1` | `9.1.19` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.6` | `6.4.2` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `3.2.6` |\n\nBumps the npm_and_yarn group with 8 updates in the /ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) | `7.5.0` | `7.9.4` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.5.2` | `7.15.0` |\n| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.3.1` | `1.6.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.51.1` | `1.55.1` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `8.6.12` | `8.6.17` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.2.7` | `6.4.2` |\n\n\nUpdates `@react-router/node` from 7.9.1 to 7.9.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003e@​react-router/node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.9.4\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.3\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router-node/CHANGELOG.md\"\u003e@​react-router/node's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.9.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate format of incoming session ids in \u003ccode\u003ecreateFileSessionStorage\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14426\"\u003e#14426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ereact-router@7.9.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.9.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ereact-router@7.9.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.9.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ereact-router@7.9.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e650acfa72280373471b329931f024d9445f2925\"\u003e\u003ccode\u003ee650acf\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14431\"\u003e#14431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/7a2271e916e50427d726ac976b188c9e1aebc48c\"\u003e\u003ccode\u003e7a2271e\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14427\"\u003e#14427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6ff0bb35db54535b3436375784fd40225a3664c2\"\u003e\u003ccode\u003e6ff0bb3\u003c/code\u003e\u003c/a\u003e Add some validation for session IDs (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14426\"\u003e#14426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/4ec4999206e18244e44d7f9fab65a0a2f56c969f\"\u003e\u003ccode\u003e4ec4999\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/12a6719354315b0e6847475bd802098ccfe7d56a\"\u003e\u003ccode\u003e12a6719\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14395\"\u003e#14395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/b6c49ecb0a6a057fbdba0ecdf7e6e6fbc56911e4\"\u003e\u003ccode\u003eb6c49ec\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14394\"\u003e#14394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/eebd2e8e133c2ff3ada78706ffd2f2a9e6bae9dc\"\u003e\u003ccode\u003eeebd2e8\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8d7ed4dd8a06384f560bcf57a0fa0b1dc4736916\"\u003e\u003ccode\u003e8d7ed4d\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14386\"\u003e#14386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/a3696320b6e6cd82aef43665b40113b3edc9cfe7\"\u003e\u003ccode\u003ea369632\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14384\"\u003e#14384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/f2298c3b4fb22f8b22e23ec73b2285ca3a27e5dd\"\u003e\u003ccode\u003ef2298c3\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14375\"\u003e#14375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/@react-router/node@7.9.4/packages/react-router-node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 7.9.1 to 7.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7130\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7130\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.12.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7120\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7120\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.11.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7110\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7110\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.10.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7101\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7101\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.10.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7100\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7100\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.6\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v796\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v796\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.5\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v795\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v795\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.4\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.3\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_defaultShouldRevalidate\u003c/code\u003e as \u003ccode\u003edefaultShouldRevalidate\u003c/code\u003e on \u003ccode\u003e\u0026lt;Link\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Form\u0026gt;\u003c/code\u003e, \u003ccode\u003euseLinkClickHandler\u003c/code\u003e, \u003ccode\u003euseSubmit\u003c/code\u003e, \u003ccode\u003efetcher.submit\u003c/code\u003e, and \u003ccode\u003esetSearchParams\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize the instrumentation APIs. \u003ccode\u003eunstable_instrumentations\u003c/code\u003e is now \u003ccode\u003einstrumentations\u003c/code\u003e and \u003ccode\u003eunstable_pattern\u003c/code\u003e is now \u003ccode\u003epattern\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eunstable_ServerInstrumentation\u003c/code\u003e, \u003ccode\u003eunstable_ClientInstrumentation\u003c/code\u003e, \u003ccode\u003eunstable_InstrumentRequestHandlerFunction\u003c/code\u003e, \u003ccode\u003eunstable_InstrumentRouterFunction\u003c/code\u003e, \u003ccode\u003eunstable_InstrumentRouteFunction\u003c/code\u003e, and \u003ccode\u003eunstable_InstrumentationHandlerResult\u003c/code\u003e types have had their \u003ccode\u003eunstable_\u003c/code\u003e prefixes removed\u003c/li\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_mask\u003c/code\u003e as \u003ccode\u003emask\u003c/code\u003e on \u003ccode\u003e\u0026lt;Link\u0026gt;\u003c/code\u003e, \u003ccode\u003euseLinkClickHandler\u003c/code\u003e, and \u003ccode\u003euseNavigate\u003c/code\u003e, and rename the corresponding \u003ccode\u003eLocation.unstable_mask\u003c/code\u003e field to \u003ccode\u003eLocation.mask\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize the \u003ccode\u003eunstable_normalizePath\u003c/code\u003e option on \u003ccode\u003estaticHandler.query\u003c/code\u003e and \u003ccode\u003estaticHandler.queryRoute\u003c/code\u003e as \u003ccode\u003enormalizePath\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003efuture.unstable_passThroughRequests\u003c/code\u003e as \u003ccode\u003efuture.v8_passThroughRequests\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eunstable_subResourceIntegrity\u003c/code\u003e from the runtime \u003ccode\u003eFutureConfig\u003c/code\u003e type; the flag is now controlled by the top-level \u003ccode\u003esubResourceIntegrity\u003c/code\u003e option in \u003ccode\u003ereact-router.config.ts\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_url\u003c/code\u003e as \u003ccode\u003eurl\u003c/code\u003e on \u003ccode\u003eloader\u003c/code\u003e, \u003ccode\u003eaction\u003c/code\u003e, and \u003ccode\u003emiddleware\u003c/code\u003e function args (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_useTransitions\u003c/code\u003e as \u003ccode\u003euseTransitions\u003c/code\u003e on \u003ccode\u003e\u0026lt;BrowserRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;HashRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;HistoryRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;MemoryRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Router\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;RouterProvider\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;HydratedRouter\u0026gt;\u003c/code\u003e, and \u003ccode\u003euseLinkClickHandler\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003enonce\u003c/code\u003e to \u003ccode\u003e\u0026lt;Scripts\u0026gt;\u003c/code\u003e \u003ccode\u003e\u0026lt;link rel=\u0026quot;modulepreload\u0026quot;\u0026gt;\u003c/code\u003e elements (if provided) (\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b\"\u003eaf5d49b\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix a bug with \u003ccode\u003eunstable_defaultShouldRevalidate={false}\u003c/code\u003e where parent routes that did not export a \u003ccode\u003eshouldRevalidate\u003c/code\u003e function could be incorrectly included in the single fetch call for new child route data (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15012\"\u003e#15012\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove server-side route matching performance by pre-computing flattened/cached route branches (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14967\"\u003e#14967\u003c/a\u003e) (\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b\"\u003eaf5d49b\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance benchmarks showed roughly a 10-15% improvement in server-side request handling performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMark \u003ccode\u003emask\u003c/code\u003e as an optional field in \u003ccode\u003eLocation\u003c/code\u003e for easier mocking in unit tests (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14999\"\u003e#14999\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache flattened/ranked route branches to optimize server-side route matching (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14967\"\u003e#14967\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove route matching performance in Framework/Data Mode (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14971\"\u003e#14971\u003c/a\u003e) (\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b\"\u003eaf5d49b\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAvoiding unnecessary calls to \u003ccode\u003ematchRoutes\u003c/code\u003e in data router scenarios\n\u003cul\u003e\n\u003cli\u003eThis includes adding back the optimization that was removed in \u003ccode\u003e7.6.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13562\"\u003e#13562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe issues that prompted the revert have been addressed by using the available router \u003ccode\u003ematches\u003c/code\u003e but always updating \u003ccode\u003ematch.route\u003c/code\u003e to the latest route in the \u003ccode\u003emanifest\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eLeverage pre-computed pre-computing flattened/cached route branches during client side route matching\u003c/li\u003e\n\u003cli\u003ePerformance benchmarks showed roughly a 15-30% improvement in server-side request handling performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97c8de79c38f107acd15f74d8295c7bf75894a5d\"\u003e\u003ccode\u003e97c8de7\u003c/code\u003e\u003c/a\u003e Release v7.15.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15018\"\u003e#15018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b71c15fa502cb0918482597284e8cb39c4\"\u003e\u003ccode\u003eaf5d49b\u003c/code\u003e\u003c/a\u003e Update change files again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09533fa15bbf01ce734c8c7c116564cf4b7\"\u003e\u003ccode\u003ea993f09\u003c/code\u003e\u003c/a\u003e Update change files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/362635b8fdf020afdf697823ca71ba4c01b40e0d\"\u003e\u003ccode\u003e362635b\u003c/code\u003e\u003c/a\u003e Move chnageset to change file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e756132b5bcae52b65c504bdac8cec406c746e62\"\u003e\u003ccode\u003ee756132\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/49295b5c220b567cff9934ddf0199877663b552c\"\u003e\u003ccode\u003e49295b5\u003c/code\u003e\u003c/a\u003e Stabilize APIs (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14999\"\u003e#14999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/5f61543c31c442271162b31ee9fe1499e170c68c\"\u003e\u003ccode\u003e5f61543\u003c/code\u003e\u003c/a\u003e Client-side route matching optimizations (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14971\"\u003e#14971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/67518cb61054f1b3eede95dde95480aca962626d\"\u003e\u003ccode\u003e67518cb\u003c/code\u003e\u003c/a\u003e Remove unnecessary hasShouldRevalidate condition for opting out (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15012\"\u003e#15012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6f18edde6b5eac5f7028bfde885bbb8031025480\"\u003e\u003ccode\u003e6f18edd\u003c/code\u003e\u003c/a\u003e Add nonce to scripts \u003ccode\u003emodulepreload\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15002\"\u003e#15002\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/10a968671d94a1147d78e766cffae33c6d151162\"\u003e\u003ccode\u003e10a9686\u003c/code\u003e\u003c/a\u003e Migrate changeset to change file\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@7.15.0/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for react-router since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `smol-toml` from 1.4.1 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/squirrelchat/smol-toml/releases\"\u003esmol-toml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cp\u003eThis release addresses a minor security vulnerability where an attacker-controlled TOML document can exploit an unrestricted recustion and cause a stack overflow error with a document that contains thousands of sucessive commented lines. Security advisory: \u003ca href=\"https://github.com/advisories/GHSA-v3rj-xjv7-4jmq\"\u003eGHSA-v3rj-xjv7-4jmq\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cp\u003eAs of this version, smol-toml now supports the newly released TOML 1.1.0 specification!\u003c/p\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003ch3\u003eMultiline inline tables\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 now allows inline tables to have newlines, as well as trailing commas.\u003c/p\u003e\n\u003cpre lang=\"toml\"\u003e\u003ccode\u003edatabase = {\r\n  driver = \u0026quot;postgresql\u0026quot;,\r\n  server = {\r\n    host = \u0026quot;127.0.0.1\u0026quot;,\r\n    port = 3307,\r\n  },\r\n}\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eOmitting seconds in datetime and time\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 renders the seconds component of time elements optional.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003edatetime-tz = 1979-05-27 07:32Z\r\ndatetime = 2001-09-21 10:17\r\ntime = 13:37\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eNew string escapes\u003c/h3\u003e\n\u003cp\u003eStrings now support 2 additional escape sequences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\\xHH\u003c/code\u003e for code points between 0 and 255\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e\\e\u003c/code\u003e for the escape character (\u003ccode\u003eU+001B\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: toml 1.1 support by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/pull/49\"\u003esquirrelchat/smol-toml#49\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cp\u003eHot fix for v1.5.1... 🙃\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: properly stringify arrays of tables by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cp\u003eSmol fix that makes newlines actually consistent when stringifying objects to TOML.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/072b64fd0094b1d7d3bb1a124d282828069a7aa0\"\u003e\u003ccode\u003e072b64f\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/19a5dc74cb49f9fe809dd73c2b8934b4192b8393\"\u003e\u003ccode\u003e19a5dc7\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f286f87778200504061a428b24d5e27ef5e1f360\"\u003e\u003ccode\u003ef286f87\u003c/code\u003e\u003c/a\u003e fix: don't use recursion in skipVoid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/399c54527643c97bbd58931f452325ab32456180\"\u003e\u003ccode\u003e399c545\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/06521caba8be8a7d67a7a9ed7f105134c2dce8b1\"\u003e\u003ccode\u003e06521ca\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/issues/49\"\u003e#49\u003c/a\u003e from squirrelchat/toml-110\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f3a68a76a4be2e4a0e9ed9add167b15591262ade\"\u003e\u003ccode\u003ef3a68a7\u003c/code\u003e\u003c/a\u003e fix: properly test \\e escape\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/9743a8645acef45711f87c0996a20051f262dbbd\"\u003e\u003ccode\u003e9743a86\u003c/code\u003e\u003c/a\u003e fix: properly run toml-test v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/1ec5303d56b8735a2ddf15a07f2cba1c1b4aa2e2\"\u003e\u003ccode\u003e1ec5303\u003c/code\u003e\u003c/a\u003e docs: toml 1.1.0 in the readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/8bc0e2bc709e4c54b87db2ce534b4411e2217b63\"\u003e\u003ccode\u003e8bc0e2b\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies, actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/24618dbac52bd2ff7145b2206f24a1ef14791885\"\u003e\u003ccode\u003e24618db\u003c/code\u003e\u003c/a\u003e feat: allow omitting seconds in datetime and time values\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.4.1...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for smol-toml since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.53.2 to 1.55.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.55.1\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37479\"\u003emicrosoft/playwright#37479\u003c/a\u003e - [Bug]: Upgrade Chromium to 140.0.7339.186.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37147\"\u003emicrosoft/playwright#37147\u003c/a\u003e - [Regression]: Internal error: step id not found.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37146\"\u003emicrosoft/playwright#37146\u003c/a\u003e - [Regression]: HTML reporter displays a broken chip link when there are no projects.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37137\"\u003emicrosoft/playwright#37137\u003c/a\u003e - Revert \u0026quot;fix(a11y): track inert elements as hidden\u0026quot;.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37532\"\u003emicrosoft/playwright#37532\u003c/a\u003e - chore: do not use -k option\u003c/p\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChromium 140.0.7339.186\u003c/li\u003e\n\u003cli\u003eMozilla Firefox 141.0\u003c/li\u003e\n\u003cli\u003eWebKit 26.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis version was also tested against the following stable channels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle Chrome 139\u003c/li\u003e\n\u003cli\u003eMicrosoft Edge 139\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.55.0\u003c/h2\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew Property \u003ca href=\"https://playwright.dev/docs/api/class-teststepinfo#test-step-info-title-path\"\u003etestStepInfo.titlePath\u003c/a\u003e Returns the full title path starting from the test file, including test and step titles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCodegen\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomatic \u003ccode\u003etoBeVisible()\u003c/code\u003e assertions: Codegen can now generate automatic \u003ccode\u003etoBeVisible()\u003c/code\u003e assertions for common UI interactions. This feature can be enabled in the Codegen settings UI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ Dropped support for Chromium extension manifest v2.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMiscellaneous\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Debian 13 \u0026quot;Trixie\u0026quot;.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChromium 140.0.7339.16\u003c/li\u003e\n\u003cli\u003eMozilla Firefox 141.0\u003c/li\u003e\n\u003cli\u003eWebKit 26.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis version was also tested against the following stable channels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle Chrome 139\u003c/li\u003e\n\u003cli\u003eMicrosoft Edge 139\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.54.2\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36714\"\u003emicrosoft/playwright#36714\u003c/a\u003e - [Regression]: Codegen is not able to launch in Administrator Terminal on Windows (ProtocolError: Protocol error)\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36828\"\u003emicrosoft/playwright#36828\u003c/a\u003e - [Regression]: Playwright Codegen keeps spamming with selected option\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36810\"\u003emicrosoft/playwright#36810\u003c/a\u003e - [Regression]: Starting Codegen with target language doesn't work anymore\u003c/p\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ae51df7a35888f663553ab4e9c45d6cb6335397f\"\u003e\u003ccode\u003eae51df7\u003c/code\u003e\u003c/a\u003e chore: mark v1.55.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37530\"\u003e#37530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86dde294ce7fc9dd62d2f7ce5afd0c79cff50140\"\u003e\u003ccode\u003e86dde29\u003c/code\u003e\u003c/a\u003e feat(chromium): roll to r1193 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37529\"\u003e#37529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86328bc9f43da2fe2b9aba2822c79f8b4c0c7f72\"\u003e\u003ccode\u003e86328bc\u003c/code\u003e\u003c/a\u003e chore: do not use -k option (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37532\"\u003e#37532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/63799ba68340fde11445d4f48c12515c28dcc92a\"\u003e\u003ccode\u003e63799ba\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37214\"\u003e#37214\u003c/a\u003e): docs: fix method names in release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/21e29a42ab090d7848a3c3255f05335ba0db424d\"\u003e\u003ccode\u003e21e29a4\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37153\"\u003e#37153\u003c/a\u003e): fix(html): don't display a chip with empty content with ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ba62e6ab0d25f7415ffdf121e4e186aadb213be5\"\u003e\u003ccode\u003eba62e6a\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37149\"\u003e#37149\u003c/a\u003e): fix(test): attaching in boxed fixture\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/25bb073f2697c98995871d40828604b0836c29b7\"\u003e\u003ccode\u003e25bb073\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37137\"\u003e#37137\u003c/a\u003e): Revert \u0026quot;fix(a11y): track inert elements as hidden (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36947\"\u003e#36947\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f992162f04ae0b0b5a0f4b6114b894215be98995\"\u003e\u003ccode\u003ef992162\u003c/code\u003e\u003c/a\u003e chore: mark v1.55.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37121\"\u003e#37121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4a92ea00253106c8bd4234b8d5be2e205d049012\"\u003e\u003ccode\u003e4a92ea0\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37113\"\u003e#37113\u003c/a\u003e): docs: add release-notes for v1.55\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/aa05507bbabc170abf7775bf0d3ddd2438dc384a\"\u003e\u003ccode\u003eaa05507\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37114\"\u003e#37114\u003c/a\u003e): test: move browser._launchServer in child process\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.53.2...v1.55.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 9.1.1 to 9.1.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.19\u003c/h2\u003e\n\u003ch2\u003e9.1.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHarden websocket connection\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.18\u003c/h2\u003e\n\u003ch2\u003e9.1.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo-op release. No changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/v9.1.19/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.1.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHarden websocket connection\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo-op release. No changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Fix Nextjs project creation in empty directories - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32828\"\u003e#32828\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add \u003ccode\u003eexperimental_devServer\u003c/code\u003e preset - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32862\"\u003e#32862\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Fix preview-first-load event - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32859\"\u003e#32859\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Add \u003ccode\u003epreview-first-load\u003c/code\u003e telemetry - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32770\"\u003e#32770\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eDependencies: Update \u003ccode\u003evite-plugin-storybook-nextjs\u003c/code\u003e - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32821\"\u003e#32821\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNextJS: Add NextJS 16 support - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32791\"\u003e#32791\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eAddon-Vitest: Support Vitest 4 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32819\"\u003e#32819\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCSF: Fix \u003ccode\u003eplay-fn\u003c/code\u003e tag for methods - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32695\"\u003e#32695\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNextjs: Fix config access for Vite - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32759\"\u003e#32759\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMaintenance: Hotfix for missing nextjs dts files, thanks \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomigration: Improve the viewport/backgrounds automigration - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32619\"\u003e#32619\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eMocking: Fix \u003ccode\u003esb.mock\u003c/code\u003e usage in Storybook's deployed in subpaths - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32678\"\u003e#32678\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eNextJS-Vite: Automatically fix bad PostCSS configuration - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32691\"\u003e#32691\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact Native Web: Fix REACT_NATIVE_AND_RNW should detect vite builder - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32718\"\u003e#32718\u003c/a\u003e, thanks \u003ca href=\"https://github.com/dannyhw\"\u003e\u003ccode\u003e@​dannyhw\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add metadata for react routers - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32615\"\u003e#32615\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomigrations: Add automigration for viewport and backgrounds - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/31614\"\u003e#31614\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Log userAgent in onboarding - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32566\"\u003e#32566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAngular: Enable experimental zoneless detection on Angular v21 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32580\"\u003e#32580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eSvelte: Ignore inherited \u003ccode\u003eHTMLAttributes\u003c/code\u003e docgen when using utility types - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32173\"\u003e#32173\u003c/a\u003e, thanks \u003ca href=\"https://github.com/steciuk\"\u003e\u003ccode\u003e@​steciuk\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/20887f19d26d1f6e74712eeec4812f325031420b\"\u003e\u003ccode\u003e20887f1\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;9.1.18\u0026quot; to \u0026quot;9.1.19\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/66b2d8e30b1c235c198b8de0696755a13a72ceae\"\u003e\u003ccode\u003e66b2d8e\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/31f16c4cd46f9435e1558204cdccb6bf6b880c7f\"\u003e\u003ccode\u003e31f16c4\u003c/code\u003e\u003c/a\u003e fix linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/62dd25b508d3b8cd771cfadcac9a9f41881c0e11\"\u003e\u003ccode\u003e62dd25b\u003c/code\u003e\u003c/a\u003e Core: Require token for websocket connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/bbe61e351b4b45cd17c7d8005e48e4cab60a0315\"\u003e\u003ccode\u003ebbe61e3\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;9.1.17\u0026quot; to \u0026quot;9.1.18\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/d0d5a3d645df3493ad935e321d1ef101679cfc2e\"\u003e\u003ccode\u003ed0d5a3d\u003c/code\u003e\u003c/a\u003e Bump version from 9.1.16 to 9.1.17 MANUALLY\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/a06c25727a7f7433a8c4bc05a422d47703bf6d6b\"\u003e\u003ccode\u003ea06c257\u003c/code\u003e\u003c/a\u003e filter env vars from .env files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/a54a04cef3ea631f2dacf3631f7f78e4453cd096\"\u003e\u003ccode\u003ea54a04c\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;9.1.15\u0026quot; to \u0026quot;9.1.16\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/ebd7ff59675c519bd50d81d005a69c921d943dbe\"\u003e\u003ccode\u003eebd7ff5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/32859\"\u003e#32859\u003c/a\u003e from storybookjs/shilman/first-load-new-user\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/da2da6e60cc28e89189268be88d3d39bc763050b\"\u003e\u003ccode\u003eda2da6e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/32862\"\u003e#32862\u003c/a\u003e from storybookjs/yann/patch-dev-server-preset\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v9.1.19/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for storybook since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 6.3.6 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.0.6 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: remove master branch support by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/126\"\u003efastify/fast-uri#126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(test) remove .gitkeep by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/128\"\u003efastify/fast-uri#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): set job permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/129\"\u003efastify/fast-uri#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set permissions at workflow level by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/131\"\u003efastify/fast-uri#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set workflow permissions to read-only by default by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/132\"\u003efastify/fast-uri#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): restore job level permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/133...\n\n_Description has been truncated_\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies across UI and client packages\n\u003e - Updates `uuid` from v11 to v14, `react-router` from 7.9.1 to 7.15.0, `vite` from 6.3.6 to 6.4.2, and `storybook` from 9.1.1 to 8.6.17 in [ui/package.json](https://github.com/EmilynnJ/tensorzero/pull/10/files#diff-193b27d62e4fbda3d563009fed5ec6761a05f73558d94b39fab63ae948c679ea)\n\u003e - Updates `uuid` from v11 to v14 and `vitest` from 3.2.4 to 3.2.6 in [clients/openai-node/package.json](https://github.com/EmilynnJ/tensorzero/pull/10/files#diff-e7668efae45019cc9e9fc89c0126620404a287cd258a83b16b7c69262aa432f8)\n\u003e - Updates `vitest` to 3.2.6 in [internal/tensorzero-node/package.json](https://github.com/EmilynnJ/tensorzero/pull/10/files#diff-cea63d658e41abc37377244b4916418378269f3e1dd4e9117e5e77f4e01de914)\n\u003e - Risk: `uuid` v14 and `storybook` v8 are major version bumps that may include breaking API changes\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized f2f0fd0.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across the repo (root, `ui`, and node clients) to pull in security fixes and performance improvements, notably `react-router@7.15.0`, `vite@6.4.2`, `playwright@1.55.1`, and `uuid@14.0.0`.\n\n- **Dependencies**\n  - `react-router` → `7.15.0` and `@react-router/node` → `7.9.4` (route matching perf improvements; stabilizes previously `unstable_*` APIs)\n  - `vite` → `6.4.2` (security fixes in dev server and sourcemap handler)\n  - `playwright` → `1.55.1` (browser updates and bug fixes)\n  - `vitest` → `3.2.6` (pins supported `vite-node`)\n  - `ajv` → `8.18.0` (ReDoS mitigation)\n  - `smol-toml` → `1.6.1` (security fix; TOML 1.1 support)\n  - `uuid` → `14.0.0` (Node 20+ required; `crypto` expected to be global)\n  - Storybook bumped to latest patches (root: `9.1.19`; `ui`: `8.6.17`)\n  - Updated `clients/openai-node` and `internal/tensorzero-node` to `vitest@3.2.6` and `uuid@14.0.0`\n\n- **Migration**\n  - Ensure Node 20+ in local and CI due to `uuid@14`.\n  - If you’ve used React Router `unstable_*` APIs, rename to their stable equivalents (e.g., `unstable_mask` → `mask`, `unstable_defaultShouldRevalidate` → `defaultShouldRevalidate`).\n  - Reinstall and verify: `pnpm i` then run builds/tests; for UI E2E, run `pnpm playwright install`.\n\n\u003csup\u003eWritten for commit f2f0fd0bbe17096f4f5fed95f78c13fd873b25a2. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/tensorzero/pull/10?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/EmilynnJ/tensorzero/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Ftensorzero/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4615597992","node_id":"PR_kwDONtRNPM7kCwMY","number":59,"state":"closed","title":"ci(deps): bump ajv from 6.12.6 to 6.15.0 in /examples/mcp/mcp-servers/web-search","user":"dependabot[bot]","labels":["released","dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-08T18:40:16.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-08T18:34:58.000Z","updated_at":"2026-06-11T14:20:07.000Z","time_to_close":318,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":"/examples/mcp/mcp-servers/web-search","ecosystem":"npm"},"body":"Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.6 to 6.15.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv\u0026package-manager=npm_and_yarn\u0026previous-version=6.12.6\u0026new-version=6.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inference-gateway/typescript-sdk/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/inference-gateway/typescript-sdk/pull/59","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/inference-gateway%2Ftypescript-sdk/issues/59","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/59/packages"}],"issue_packages":[{"old_version":"8.18.0","new_version":"8.20.0","update_type":"minor","path":"/apps/web/site","pr_created_at":"2026-06-15T01:28:01.000Z","version_change":"8.18.0 → 8.20.0","issue":{"uuid":"4661365883","node_id":"PR_kwDONJpy787mWEqE","number":639,"state":"open","title":"fix(deps): bump ajv from 8.18.0 to 8.20.0 in /apps/web/site","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T01:28:01.000Z","updated_at":"2026-06-15T01:28:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"fix(deps)","packages":[{"name":"ajv","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":"/apps/web/site","ecosystem":"npm"},"body":"Bumps [ajv](https://github.com/ajv-validator/ajv) from 8.18.0 to 8.20.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add support for node 22/24, drop node 16/21 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2580\"\u003eajv-validator/ajv#2580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add ES2022.RegExp for RegExpIndicesArray by \u003ca href=\"https://github.com/SignpostMarv\"\u003e\u003ccode\u003e@​SignpostMarv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2604\"\u003eajv-validator/ajv#2604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix prototype pollution via format keyword using $data ref by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2607\"\u003eajv-validator/ajv#2607\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/0fba0b8e649909613cfce0999b149cd08f4a4987\"\u003e\u003ccode\u003e0fba0b8\u003c/code\u003e\u003c/a\u003e 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/9caf8d64409b05e2c670b3ff09cf7ca07937342e\"\u003e\u003ccode\u003e9caf8d6\u003c/code\u003e\u003c/a\u003e fix: add ES2022.RegExp for RegExpIndicesArray; fixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2603\"\u003eajv-validator/ajv#2603\u003c/a\u003e (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/206535071f776f57737394c8896d4b2dc2bfb9a3\"\u003e\u003ccode\u003e2065350\u003c/code\u003e\u003c/a\u003e fix: add support for node 22/24, drop node 16/21 (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2580\"\u003e#2580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/154b58d690c6596e09ca676e12720ab8234ee3d2\"\u003e\u003ccode\u003e154b58d\u003c/code\u003e\u003c/a\u003e 8.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e8d2bdc501b3ba6f03922db5e595770d4763d9da\"\u003e\u003ccode\u003ee8d2bdc\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2607\"\u003e#2607\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv\u0026package-manager=npm_and_yarn\u0026previous-version=8.18.0\u0026new-version=8.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mlorentedev/kubelab/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/mlorentedev/kubelab/pull/639","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mlorentedev%2Fkubelab/issues/639","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/639/packages"}},{"old_version":"8.18.0","new_version":"8.20.0","update_type":"minor","path":null,"pr_created_at":"2026-06-15T00:58:56.000Z","version_change":"8.18.0 → 8.20.0","issue":{"uuid":"4661268248","node_id":"PR_kwDOR9eYC87mVx3U","number":38,"state":"open","title":"chore(deps): bump the minor-and-patch group across 1 directory with 26 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-15T00:58:56.000Z","updated_at":"2026-06-15T00:59:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"minor-and-patch","update_count":26,"packages":[{"name":"@ai-sdk/react","old_version":"3.0.170","new_version":"3.0.207","repository_url":"https://github.com/vercel/ai"},{"name":"border-beam","old_version":"1.0.1","new_version":"1.2.0","repository_url":"https://github.com/Jakubantalik/border-beam"},{"name":"lucide-react","old_version":"1.8.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"maplibre-gl","old_version":"5.23.0","new_version":"5.24.0","repository_url":"https://github.com/maplibre/maplibre-gl-js"},{"name":"motion","old_version":"12.38.0","new_version":"12.40.0","repository_url":"https://github.com/motiondivision/motion"},{"name":"react","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-router-dom","old_version":"7.14.2","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"@playwright/test","old_version":"1.59.1","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"@tailwindcss/postcss","old_version":"4.2.4","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@vitejs/plugin-react","old_version":"6.0.1","new_version":"6.0.2","repository_url":"https://github.com/vitejs/vite-plugin-react"},{"name":"@vitest/coverage-v8","old_version":"4.1.5","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"ajv","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"eslint-plugin-react-hooks","old_version":"7.0.1","new_version":"7.1.1","repository_url":"https://github.com/facebook/react"},{"name":"eslint-plugin-react-refresh","old_version":"0.5.2","new_version":"0.5.3","repository_url":"https://github.com/ArnaudBarre/eslint-plugin-react-refresh"},{"name":"globals","old_version":"17.5.0","new_version":"17.6.0","repository_url":"https://github.com/sindresorhus/globals"},{"name":"happy-dom","old_version":"20.9.0","new_version":"20.10.3","repository_url":"https://github.com/capricorn86/happy-dom"},{"name":"proj4","old_version":"2.20.8","new_version":"2.20.9","repository_url":"https://github.com/proj4js/proj4js"},{"name":"@types/proj4","old_version":"2.5.6","new_version":"2.19.0","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"typescript-eslint","old_version":"8.59.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"vite","old_version":"8.0.9","new_version":"8.0.16","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the minor-and-patch group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.170` | `3.0.207` |\n| [border-beam](https://github.com/Jakubantalik/border-beam) | `1.0.1` | `1.2.0` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.18.0` |\n| [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) | `5.23.0` | `5.24.0` |\n| [motion](https://github.com/motiondivision/motion) | `12.38.0` | `12.40.0` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.7` |\n| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.14.2` | `7.17.0` |\n| [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` |\n| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.4` | `4.3.1` |\n| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.1` | `6.0.2` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.5` | `4.1.8` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.18.0` | `8.20.0` |\n| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.1` |\n| [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` |\n| [globals](https://github.com/sindresorhus/globals) | `17.5.0` | `17.6.0` |\n| [happy-dom](https://github.com/capricorn86/happy-dom) | `20.9.0` | `20.10.3` |\n| [proj4](https://github.com/proj4js/proj4js) | `2.20.8` | `2.20.9` |\n| [@types/proj4](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/proj4) | `2.5.6` | `2.19.0` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.0` | `8.61.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.9` | `8.0.16` |\n\n\nUpdates `@ai-sdk/react` from 3.0.170 to 3.0.207\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.207\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.205\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.205\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [bfa5864]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [f42aa79]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [5291f7e]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [b4b575a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.29\u003c/li\u003e\n\u003cli\u003eai@6.0.203\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.207/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.207\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.205\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.206\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.204\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.205\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [bfa5864]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [f42aa79]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [5291f7e]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [b4b575a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.29\u003c/li\u003e\n\u003cli\u003eai@6.0.203\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.204\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [942f2f8]\n\u003cul\u003e\n\u003cli\u003eai@6.0.202\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​ai-sdk/provider-utils\u003c/code\u003e\u003ca href=\"https://github.com/4\"\u003e\u003ccode\u003e@​4\u003c/code\u003e\u003c/a\u003e.0.28\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.203\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [0c8c0ed]\n\u003cul\u003e\n\u003cli\u003eai@6.0.201\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.202\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [14098e7]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [2cabe9c]\n\u003cul\u003e\n\u003cli\u003eai@6.0.200\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.201\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/55486720c5be0238b9d477a778b0428e5e48d9d4\"\u003e\u003ccode\u003e5548672\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/16097\"\u003e#16097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63b3f6081df232ff3b2a84b27cc3eda33f215586\"\u003e\u003ccode\u003e63b3f60\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/16086\"\u003e#16086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bae9babb22e195e74a9a0c0e26a5e52c8ba8e7f2\"\u003e\u003ccode\u003ebae9bab\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/16026\"\u003e#16026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/9ef2c3cfadfc4a469e9eec6a6e8a0ac0fc80a1e5\"\u003e\u003ccode\u003e9ef2c3c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15998\"\u003e#15998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/dca8c38b09acba1a5eebf354b532833ab055413a\"\u003e\u003ccode\u003edca8c38\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15992\"\u003e#15992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a340536d4cd232c42757bf04c3ec35f589f6fe35\"\u003e\u003ccode\u003ea340536\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15965\"\u003e#15965\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f6e588173713842794c619f9554a4b341c6e97f5\"\u003e\u003ccode\u003ef6e5881\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15902\"\u003e#15902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/8ad68fe1569329bc4fcb578d57fb7a7a0509af26\"\u003e\u003ccode\u003e8ad68fe\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15898\"\u003e#15898\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/de852ab79aac88345c8a9ae54003fb206e1a64b4\"\u003e\u003ccode\u003ede852ab\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15821\"\u003e#15821\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7aca1fc2004800171233ae16c2456ef297552441\"\u003e\u003ccode\u003e7aca1fc\u003c/code\u003e\u003c/a\u003e backport: chore: update TypeScript references and fix `pnpm update-references...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.207/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `border-beam` from 1.0.1 to 1.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Jakubantalik/border-beam/releases\"\u003eborder-beam's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003ch2\u003ePulse: dynamic colors + synced glow\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePulse \u003ccode\u003einner\u003c/code\u003e/\u003ccode\u003eoutside\u003c/code\u003e hue now rotates a full 360° continuously, so colors are no longer pinned to fixed edges (previously a ±30° ping-pong left red/orange in the top-right and green/blue on the left).\u003c/li\u003e\n\u003cli\u003eThe wide bloom halo now shares the same hue rotation as the core/stroke, keeping the large and small glows color-matched (most visible on blue/green transitions).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Jakubantalik/border-beam/blob/main/CHANGELOG.md\"\u003eborder-beam's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRetuned the \u003ccode\u003epulse-outside\u003c/code\u003e and \u003ccode\u003epulse-inner\u003c/code\u003e presets to match the latest prototype values (opacities, brightness/saturation, glow/bloom blur, drift, and glow sizing).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epulse-outside\u003c/code\u003e no longer paints its own idle hairline (\u003ccode\u003ehairlineOpacity\u003c/code\u003e defaults to \u003ccode\u003e0\u003c/code\u003e). The colored stroke now rides directly on the wrapped element's own 1px border instead of doubling it, matching the prototype's single-hairline look.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epulse-inner\u003c/code\u003e bloom alignment: the bloom ring used a 2px padding while the stroke used 1px, so the bloom sat 1px further inward than the stroke. Both now share the same 1px edge ring.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe pulse breathing motion is driven from a single shared, ~30fps \u003ccode\u003erequestAnimationFrame\u003c/code\u003e loop (\u003ccode\u003epulseDriver.ts\u003c/code\u003e) instead of per-instance CSS \u003ccode\u003e@property\u003c/code\u003e keyframes. This reduces repaint frequency, works without \u003ccode\u003e@property\u003c/code\u003e support, and pauses automatically when the instance is inactive, offscreen, or the user prefers reduced motion.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/Jakubantalik/border-beam/commits/v1.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lucide-react` from 1.8.0 to 1.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lucide-icons/lucide/releases\"\u003elucide-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(site): Remove survey from site by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4417\"\u003elucide-icons/lucide#4417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eplay-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/Ahmed-Dghaies\"\u003e\u003ccode\u003e@​Ahmed-Dghaies\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4412\"\u003elucide-icons/lucide#4412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(metadata): add missing use-cases prop on play-off.json by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4423\"\u003elucide-icons/lucide#4423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): force hide #bb-banner, if html.has-bb-banner is missing by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4422\"\u003elucide-icons/lucide#4422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(docs): Remove \u003ccode\u003e@next\u003c/code\u003e from installation instructions for\u003ccode\u003e@lucide/svelte\u003c/code\u003e by \u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(packages/angular): add support for Angular v22 and onwards by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4450\"\u003elucide-icons/lucide#4450\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(ci): add check to skip release if latest tag was created today by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4085\"\u003elucide-icons/lucide#4085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003ewebcam-off\u003c/code\u003e icon by \u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alecglassford\"\u003e\u003ccode\u003e@​alecglassford\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4432\"\u003elucide-icons/lucide#4432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jordan-burnett\"\u003e\u003ccode\u003e@​jordan-burnett\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4242\"\u003elucide-icons/lucide#4242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.17.0...1.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(lucide-vue-next|lucide-svelte|lucide-angular): Remove deprecated packages by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4376\"\u003elucide-icons/lucide#4376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(repo): Update issue templates and documentation for package ren… by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4379\"\u003elucide-icons/lucide#4379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Adds survey overlay to website by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4380\"\u003elucide-icons/lucide#4380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(site): Certificate dev links by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4390\"\u003elucide-icons/lucide#4390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003emartini\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4335\"\u003elucide-icons/lucide#4335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump brace-expansion from 1.1.11 to 5.0.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4386\"\u003elucide-icons/lucide#4386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e from 2.0.0 to 2.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4404\"\u003elucide-icons/lucide#4404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump devalue from 5.8.0 to 5.8.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4391\"\u003elucide-icons/lucide#4391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ws from 8.18.0 to 8.20.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4392\"\u003elucide-icons/lucide#4392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(gh-icon): limit icon size to a maximum of 256 pixels by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4398\"\u003elucide-icons/lucide#4398\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dependencies): Update dependencies by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4377\"\u003elucide-icons/lucide#4377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(copilot): Adding copilot instructions by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4407\"\u003elucide-icons/lucide#4407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): add \u003ccode\u003eglobe-check\u003c/code\u003e by \u003ca href=\"https://github.com/Barakudum\"\u003e\u003ccode\u003e@​Barakudum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4342\"\u003elucide-icons/lucide#4342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(metadata): Require use-cases in meta json by \u003ca href=\"https://github.com/ericfennis\"\u003e\u003ccode\u003e@​ericfennis\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4321\"\u003elucide-icons/lucide#4321\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eparasol\u003c/code\u003e icon by \u003ca href=\"https://github.com/karsa-mistmere\"\u003e\u003ccode\u003e@​karsa-mistmere\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4347\"\u003elucide-icons/lucide#4347\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.16.0...1.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(icons): added \u003ccode\u003eblender\u003c/code\u003e icon by \u003ca href=\"https://github.com/rrod497\"\u003e\u003ccode\u003e@​rrod497\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/3884\"\u003elucide-icons/lucide#3884\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lucide-icons/lucide/compare/1.15.0...1.16.0\"\u003ehttps://github.com/lucide-icons/lucide/compare/1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 1.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: remove 'less' from brand stopwords by \u003ca href=\"https://github.com/jguddas\"\u003e\u003ccode\u003e@​jguddas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4331\"\u003elucide-icons/lucide#4331\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(\u003ccode\u003e@​lucide/vue\u003c/code\u003e): Clone slots before passing to icon by \u003ca href=\"https://github.com/axtho\"\u003e\u003ccode\u003e@​axtho\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4339\"\u003elucide-icons/lucide#4339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(icons): changed \u003ccode\u003etext-cursor\u003c/code\u003e icon by \u003ca href=\"https://github.com/jamiemlaw\"\u003e\u003ccode\u003e@​jamiemlaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/lucide-icons/lucide/pull/4340\"\u003elucide-icons/lucide#4340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/07c885e6c1f9952965ba388b7fd2bb7c4d416a67\"\u003e\u003ccode\u003e07c885e\u003c/code\u003e\u003c/a\u003e fix(docs): fix zephyr-cloud URL in readmes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/50d8af5a1012e188f3d71ac8f1fc0fba1aab5357\"\u003e\u003ccode\u003e50d8af5\u003c/code\u003e\u003c/a\u003e docs(readme): Update readme files (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4320\"\u003e#4320\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lucide-icons/lucide/commit/653e44b83293567ff24dcb90ca1094a9cf0a042a\"\u003e\u003ccode\u003e653e44b\u003c/code\u003e\u003c/a\u003e feat(packages): use .mjs for ESM bundles (\u003ca href=\"https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react/issues/4285\"\u003e#4285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `maplibre-gl` from 5.23.0 to 5.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/maplibre/maplibre-gl-js/releases\"\u003emaplibre-gl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.24.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features and improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGPU performance optimization: Render halo and glyph in a single pass (-40% Time Reduction) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7436\"\u003e#7436\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize matrix inversions and reduce GPU stalls (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7367\"\u003e#7367\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd example showing how to measure map performance using built-in events (\u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eidle\u003c/code\u003e, \u003ccode\u003erender\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7077\"\u003e#7077\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🐞 Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ePopup\u003c/code\u003e not updating its position when switching between terrain/globe projections (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7468\"\u003e#7468\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip fog computation when fog opacity is zero (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7476\"\u003e#7476\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md\"\u003emaplibre-gl's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.24.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features and improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGPU performance optimization: Render halo and glyph in a single pass (-40% Time Reduction) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7436\"\u003e#7436\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize matrix inversions and reduce GPU stalls (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7367\"\u003e#7367\u003c/a\u003e) (by \u003ca href=\"https://github.com/xavierjs\"\u003e\u003ccode\u003e@​xavierjs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd example showing how to measure map performance using built-in events (\u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eidle\u003c/code\u003e, \u003ccode\u003erender\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7077\"\u003e#7077\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🐞 Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ePopup\u003c/code\u003e not updating its position when switching between terrain/globe projections (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7468\"\u003e#7468\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip fog computation when fog opacity is zero (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/pull/7476\"\u003e#7476\u003c/a\u003e) (by \u003ca href=\"https://github.com/CommanderStorm\"\u003e\u003ccode\u003e@​CommanderStorm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/fd31bd85967c19446d836236e93021fb10ffe30d\"\u003e\u003ccode\u003efd31bd8\u003c/code\u003e\u003c/a\u003e Bump js version to 5.24.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7509\"\u003e#7509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/859e6fa2c6905146205d418dfbe6dba4274c4182\"\u003e\u003ccode\u003e859e6fa\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump rollup from 4.60.1 to 4.60.2 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7508\"\u003e#7508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/1401f2db49354715376a65b633b24c1b2ebc1c45\"\u003e\u003ccode\u003e1401f2d\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7507\"\u003e#7507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/57f77d34be01c2029adf3c462d59ec763f13d4ca\"\u003e\u003ccode\u003e57f77d3\u003c/code\u003e\u003c/a\u003e chore(deps): bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7506\"\u003e#7506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/1d3c3f45649ed4fc0e48a6a08c5d4b97a7f05822\"\u003e\u003ccode\u003e1d3c3f4\u003c/code\u003e\u003c/a\u003e Update PR template to include AI policy confirmation (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7505\"\u003e#7505\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/b30f01171cb01966eeb0b46cb918e9aadbbef160\"\u003e\u003ccode\u003eb30f011\u003c/code\u003e\u003c/a\u003e docs: Improve documentation for MapOptions hash parameter (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7503\"\u003e#7503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/d1614ef5da6ed43ecd3a2a51fb275912269df640\"\u003e\u003ccode\u003ed1614ef\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump devtools-protocol from 0.0.1616338 to 0.0.1617013 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7504\"\u003e#7504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/d44f14b4c382ecb827967281a4d6342dfc30bb35\"\u003e\u003ccode\u003ed44f14b\u003c/code\u003e\u003c/a\u003e Fix author attribution for touchZoomRotate features (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7502\"\u003e#7502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/018c3a089e8e4dad35eaab10ddd9b3137ed6c364\"\u003e\u003ccode\u003e018c3a0\u003c/code\u003e\u003c/a\u003e Symbol SDF Performance Optimization: Render Halo and Glyph in a Single Pass (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maplibre/maplibre-gl-js/commit/38f6798244fa7d05f9eea8daf758addc3f38dd89\"\u003e\u003ccode\u003e38f6798\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump diff from 8.0.4 to 9.0.0 (\u003ca href=\"https://redirect.github.com/maplibre/maplibre-gl-js/issues/7497\"\u003e#7497\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/maplibre/maplibre-gl-js/compare/v5.23.0...v5.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `motion` from 12.38.0 to 12.40.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/motiondivision/motion/blob/main/CHANGELOG.md\"\u003emotion's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[12.40.0] 2026-05-21\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epath\u003c/code\u003e option to \u003ccode\u003etransition\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003earc()\u003c/code\u003e for motion along an arc.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[12.39.0] 2026-05-18\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003erepeatType\u003c/code\u003e and \u003ccode\u003erepeatDelay\u003c/code\u003e in animation sequences.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eVariants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.\u003c/li\u003e\n\u003cli\u003eDrag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so \u003ccode\u003edragSnapToOrigin\u003c/code\u003e no longer leaves the drag transform stranded after a layout swap.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eLazyMotion\u003c/code\u003e: Share React contexts between the \u003ccode\u003eframer-motion\u003c/code\u003e and \u003ccode\u003eframer-motion/m\u003c/code\u003e (and therefore \u003ccode\u003emotion/react\u003c/code\u003e and \u003ccode\u003emotion/react-m\u003c/code\u003e) CJS bundles so that \u003ccode\u003e\u0026lt;m.div\u0026gt;\u003c/code\u003e from the \u003ccode\u003e/m\u003c/code\u003e subpath picks up features loaded by \u003ccode\u003e\u0026lt;LazyMotion\u0026gt;\u003c/code\u003e from the main entry point.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseScroll\u003c/code\u003e: Support hydrating \u003ccode\u003etarget\u003c/code\u003e and \u003ccode\u003econtainer\u003c/code\u003e refs from anywhere in the tree.\u003c/li\u003e\n\u003cli\u003eDrag: Gesture no longer starts from incorrect start point when rendered inside \u003ccode\u003e\u0026lt;AnimatePresence initial={false} /\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eDrag: \u003ccode\u003edragConstraints\u003c/code\u003e, when set as viewport-relative ref, no longer break on scroll.§\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003evisualElement\u003c/code\u003e hydration order.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseAnimate\u003c/code\u003e: Now respects \u003ccode\u003eskipAnimations\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAnimatePresence\u003c/code\u003e: Fix object-form \u003ccode\u003einitial\u003c/code\u003e values not applied on re-entry after exit completes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003escroll\u003c/code\u003e: Fixed callback progress when tracking an element.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseScroll\u003c/code\u003e: Fix hardware acceleration when tracking an element.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/38ebb9480e5b25a51e09e2ec866c101d01d82c60\"\u003e\u003ccode\u003e38ebb94\u003c/code\u003e\u003c/a\u003e v12.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/b1f766c7221cfdbf868e2f66675d6d2e2ff8f50e\"\u003e\u003ccode\u003eb1f766c\u003c/code\u003e\u003c/a\u003e Latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/bca554401519e8ef45db1dcc8c52580998251c73\"\u003e\u003ccode\u003ebca5544\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/motiondivision/motion/issues/3699\"\u003e#3699\u003c/a\u003e from motiondivision/lochie/arcs-injectable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/f1a96cfaff8de87712539bf250205134c8e121d9\"\u003e\u003ccode\u003ef1a96cf\u003c/code\u003e\u003c/a\u003e arc(): rename amp/rotate, expose MotionPath, fix explicit cw/ccw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/b4aaba0d161cce6db7b2070ec3fd141e1dbcda95\"\u003e\u003ccode\u003eb4aaba0\u003c/code\u003e\u003c/a\u003e pathRotation: non-destructive orientToPath rotation channel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/8604ef3d9048127d61a8bbd94698e56368e70926\"\u003e\u003ccode\u003e8604ef3\u003c/code\u003e\u003c/a\u003e Make arcs injectable via \u003ccode\u003etransition.path = arc()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/f90fe294c559c3bd7b13e762b0b2aefe837dc000\"\u003e\u003ccode\u003ef90fe29\u003c/code\u003e\u003c/a\u003e add \u003ccode\u003eorientToPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/9ebe999fe93e6431ce026a998cb2aeabe690d03b\"\u003e\u003ccode\u003e9ebe999\u003c/code\u003e\u003c/a\u003e fix: test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/bc2107e8963b35c0f264810d8dcb8b7b96ac7cb5\"\u003e\u003ccode\u003ebc2107e\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;no should\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/motiondivision/motion/commit/6eeb92dc2228419a1d2ba33bec5df36c3357683a\"\u003e\u003ccode\u003e6eeb92d\u003c/code\u003e\u003c/a\u003e no should\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/motiondivision/motion/compare/v12.38.0...v12.40.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react` from 19.2.5 to 19.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.7 (June 1st, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003eFormData\u003c/code\u003e entries in Server Actions which regressed in 19.2.6\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36566\"\u003e#36566\u003c/a\u003e by \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d\"\u003e\u003ccode\u003e6117d7c\u003c/code\u003e\u003c/a\u003e Version 19.2.7 (\u003ca href=\"https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591\"\u003e#36591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.7/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for react since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.14 to 19.2.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-dom` from 19.2.5 to 19.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/facebook/react/releases\"\u003ereact-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.7 (June 1st, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003eFormData\u003c/code\u003e entries in Server Actions which regressed in 19.2.6\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36566\"\u003e#36566\u003c/a\u003e by \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.6 (May 6th, 2026)\u003c/h2\u003e\n\u003ch2\u003eReact Server Components\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hardening and performance improvements\n(\u003ca href=\"https://redirect.github.com/facebook/react/pull/36425\"\u003e#36425\u003c/a\u003e by \u003ca href=\"https://github.com/eps1lon\"\u003e\u003ccode\u003e@​eps1lon\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/unstubbable\"\u003e\u003ccode\u003e@​unstubbable\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d\"\u003e\u003ccode\u003e6117d7c\u003c/code\u003e\u003c/a\u003e Version 19.2.7 (\u003ca href=\"https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/36591\"\u003e#36591\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401\"\u003e\u003ccode\u003eeaf3e95\u003c/code\u003e\u003c/a\u003e Version 19.2.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/facebook/react/commits/v19.2.7/packages/react-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for react-dom since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router-dom` from 7.14.2 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md\"\u003ereact-router-dom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.17.0\"\u003e\u003ccode\u003ereact-router@7.17.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove stale/invalid \u003ccode\u003eunpkg\u003c/code\u003e field from \u003ccode\u003epackage.json\u003c/code\u003e. This was removed from other packages with the release of v7 but missed in the \u003ccode\u003ereact-router-dom\u003c/code\u003e re-export package (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15075\"\u003e#15075\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.16.0\"\u003e\u003ccode\u003ereact-router@7.16.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.15.1\"\u003e\u003ccode\u003ereact-router@7.15.1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/releases/tag/react-router@7.15.0\"\u003e\u003ccode\u003ereact-router@7.15.0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8984d23f86ca7ae5655711744b77816090bda4e6\"\u003e\u003ccode\u003e8984d23\u003c/code\u003e\u003c/a\u003e Release v7.16.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15105\"\u003e#15105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/3ed77afcde0ad9aea79f1afe5f05a700b201f289\"\u003e\u003ccode\u003e3ed77af\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e96962bc6159a2290632849b55872a3878753342\"\u003e\u003ccode\u003ee96962b\u003c/code\u003e\u003c/a\u003e fix: remove stale unpkg field from react-router-dom (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15075\"\u003e#15075\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/587d08fca6ca61e00f44c1eda95bf6e6a9ab76ef\"\u003e\u003ccode\u003e587d08f\u003c/code\u003e\u003c/a\u003e Release v7.15.1 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15038\"\u003e#15038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97c8de79c38f107acd15f74d8295c7bf75894a5d\"\u003e\u003ccode\u003e97c8de7\u003c/code\u003e\u003c/a\u003e Release v7.15.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15018\"\u003e#15018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router-dom@7.17.0/packages/react-router-dom\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@playwright/test` from 1.59.1 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003e@​playwright/test's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.59.1...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tailwindcss/postcss` from 4.2.4 to 4.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/releases\"\u003e@​tailwindcss/postcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e@container-size\u003c/code\u003e utility (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901\"\u003e#18901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-{auto,thin,none}\u003c/code\u003e utilities for \u003ccode\u003escrollbar-width\u003c/code\u003e, and \u003ccode\u003escrollbar-thumb-*\u003c/code\u003e / \u003ccode\u003escrollbar-track-*\u003c/code\u003e color utilities for \u003ccode\u003escrollbar-color\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981\"\u003e#19981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019\"\u003e#20019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-gutter-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018\"\u003e#20018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ezoom-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020\"\u003e#20020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etab-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022\"\u003e#20022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with stacked variants (e.g. \u003ccode\u003e@variant hover:focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with compound variants (e.g. \u003ccode\u003e@variant hover, focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e--default(…)\u003c/code\u003e in \u003ccode\u003e--value(…)\u003c/code\u003e and \u003ccode\u003e--modifier(…)\u003c/code\u003e for functional \u003ccode\u003e@utility\u003c/code\u003e definitions (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989\"\u003e#19989\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@plugin\u003c/code\u003e resolves package JavaScript entries instead of browser CSS entries when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19949\"\u003e#19949\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md\"\u003e@​tailwindcss/postcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.3.1] - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--silent\u003c/code\u003e option to suppress output in \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20100\"\u003e#20100\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove deprecation warnings by using \u003ccode\u003eModule#registerHooks\u003c/code\u003e instead of \u003ccode\u003eModule#register\u003c/code\u003e on Node 26+ (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20028\"\u003e#20028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't crash when plugin utilities throw for unsupported values (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20052\"\u003e#20052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@apply\u003c/code\u003e to be used with CSS mixins (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19427\"\u003e#19427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003enot-*\u003c/code\u003e correctly negates \u003ccode\u003e@container\u003c/code\u003e queries, including \u003ccode\u003estyle(…)\u003c/code\u003e queries (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20059\"\u003e#20059\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003edrop-shadow-*\u003c/code\u003e color utilities work with custom shadow values containing \u003ccode\u003ecalc(…)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20080\"\u003e#20080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix 'Sourcemap is likely to be incorrect' warnings when using \u003ccode\u003e@tailwindcss/vite\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20103\"\u003e#20103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/webpack\u003c/code\u003e can be installed in Rspack projects without requiring \u003ccode\u003ewebpack\u003c/code\u003e as a peer dependency (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20027\"\u003e#20027\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't suggest invalid \u003ccode\u003ecalc(…)\u003c/code\u003e expressions (e.g. \u003ccode\u003epx-[calc(1rem+0px)]\u003c/code\u003e → \u003ccode\u003epx-[calc(1rem+0)]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20127\"\u003e#20127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. \u003ccode\u003eleft-[99999px]\u003c/code\u003e → \u003ccode\u003eleft-[99999px]\u003c/code\u003e, not \u003ccode\u003eleft-24999.75\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20130\"\u003e#20130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e in \u003ccode\u003e--watch\u003c/code\u003e mode recovers when a tracked dependency is deleted and restored (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20137\"\u003e#20137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure standalone \u003ccode\u003e@tailwindcss/cli\u003c/code\u003e binaries are ignored when scanning for class candidates (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20139\"\u003e#20139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure class candidates are extracted from Twig \u003ccode\u003eaddClass(…)\u003c/code\u003e and \u003ccode\u003eremoveClass(…)\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20198\"\u003e#20198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19588\"\u003e#19588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003e@variant\u003c/code\u003e to be used inside \u003ccode\u003eaddBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19480\"\u003e#19480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs with symlinks are preserved (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure later \u003ccode\u003e@source\u003c/code\u003e rules can re-include files excluded by earlier \u003ccode\u003e@source not\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20203\"\u003e#20203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade: don't migrate empty class rules to invalid \u003ccode\u003e@utility\u003c/code\u003e rules (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20205\"\u003e#20205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure transitions between \u003ccode\u003einset-shadow-none\u003c/code\u003e and other inset shadows work correctly (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20208\"\u003e#20208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure explicitly referenced \u003ccode\u003e@source\u003c/code\u003e directories are scanned even when ignored by git (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20214\"\u003e#20214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003e@source\u003c/code\u003e globs ending in \u003ccode\u003e**/*\u003c/code\u003e preserve dynamic path segments to avoid scanning too many files (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20217\"\u003e#20217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalization: don't fold \u003ccode\u003ecalc(…)\u003c/code\u003e divisions when the result would require high precision (e.g. \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e → \u003ccode\u003ew-[calc(100%/3.5)]\u003c/code\u003e, not \u003ccode\u003ew-[28.571428571428573%]\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20221\"\u003e#20221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eServe ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGenerate \u003ccode\u003e0\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 0)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-0\u003c/code\u003e and \u003ccode\u003eleft-0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGenerate \u003ccode\u003evar(--spacing)\u003c/code\u003e instead of \u003ccode\u003ecalc(var(--spacing) * 1)\u003c/code\u003e for spacing utilities like \u003ccode\u003em-1\u003c/code\u003e and \u003ccode\u003eleft-1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20196\"\u003e#20196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.3.0] - 2026-05-08\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e@container-size\u003c/code\u003e utility (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/18901\"\u003e#18901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-{auto,thin,none}\u003c/code\u003e utilities for \u003ccode\u003escrollbar-width\u003c/code\u003e, and \u003ccode\u003escrollbar-thumb-*\u003c/code\u003e / \u003ccode\u003escrollbar-track-*\u003c/code\u003e color utilities for \u003ccode\u003escrollbar-color\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19981\"\u003e#19981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20019\"\u003e#20019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollbar-gutter-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20018\"\u003e#20018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ezoom-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20020\"\u003e#20020\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etab-*\u003c/code\u003e utilities (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/20022\"\u003e#20022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with stacked variants (e.g. \u003ccode\u003e@variant hover:focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow using \u003ccode\u003e@variant\u003c/code\u003e with compound variants (e.g. \u003ccode\u003e@variant hover, focus { … }\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19996\"\u003e#19996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e--default(…)\u003c/code\u003e in \u003ccode\u003e--value(…)\u003c/code\u003e and \u003ccode\u003e--modifier(…)\u003c/code\u003e for functional \u003ccode\u003e@utility\u003c/code\u003e definitions (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss/pull/19989\"\u003e#19989\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8a14a710102cae195f6811e8578bef9477bc6be9\"\u003e\u003ccode\u003e8a14a71\u003c/code\u003e\u003c/a\u003e 4.3.1 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20226\"\u003e#20226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/522288ca08c7ed0e7e9d3256f40fd36981d451a3\"\u003e\u003ccode\u003e522288c\u003c/code\u003e\u003c/a\u003e Serve ESM type declarations to ESM importers of \u003ccode\u003e@tailwindcss/postcss\u003c/code\u003e (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20228\"\u003e#20228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/8dcdb66e8a58b9df621ed1a9cb59396e0ddb6dd7\"\u003e\u003ccode\u003e8dcdb66\u003c/code\u003e\u003c/a\u003e Bump dependencies (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20095\"\u003e#20095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/588bd7371f4cae96426e1387819b7fd1d99765f9\"\u003e\u003ccode\u003e588bd73\u003c/code\u003e\u003c/a\u003e 4.3.0 (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20023\"\u003e#20023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/12eb5ae7b6026ff64c04f889b2221418d772da72\"\u003e\u003ccode\u003e12eb5ae\u003c/code\u003e\u003c/a\u003e Cleanup noisy test output (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20015\"\u003e#20015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/4255671c5f792c42808ecd6b2dec27c16e3c559e\"\u003e\u003ccode\u003e4255671\u003c/code\u003e\u003c/a\u003e Improve snapshot tests (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/20013\"\u003e#20013\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/52f94c74bb491e9c3641ce322a0ef90fb3c45de6\"\u003e\u003ccode\u003e52f94c7\u003c/code\u003e\u003c/a\u003e Improve codebase quality (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19999\"\u003e#19999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/d194d4c3e656313421f1cfa1954db8f58eec0fcd\"\u003e\u003ccode\u003ed194d4c\u003c/code\u003e\u003c/a\u003e docs: fix various typos in comments and documentation (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19878\"\u003e#19878\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/bfb5732b0b948d89c6803cb537bca168ec8e0a46\"\u003e\u003ccode\u003ebfb5732\u003c/code\u003e\u003c/a\u003e Fall back to the plugin \u003ccode\u003ebase\u003c/code\u003e when PostCSS has no \u003ccode\u003efrom\u003c/code\u003e option (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19980\"\u003e#19980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commit/3a890c35727fe0630c59b72dbec799d02e3c4800\"\u003e\u003ccode\u003e3a890c3\u003c/code\u003e\u003c/a\u003e Bump dependencies (\u003ca href=\"https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss/issues/19957\"\u003e#19957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-postcss\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.14 to 19.2.17\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitejs/plugin-react` from 6.0.1 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/releases\"\u003e@​vitejs/plugin-react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eplugin-react@6.0.2\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md\"\u003e@​vitejs/plugin-react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.2 (2026-05-14)\u003c/h2\u003e\n\u003ch3\u003eAllow all options in reactCompilerPreset (\u003ca href=\"https://redirect.github.com/vitejs/vite-plugin-react/pull/1189\"\u003e#1189\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eThis is a type only change. Only \u003ccode\u003ecompilationMode\u003c/code\u003e and \u003ccode\u003etarget\u003c/code\u003e options were available for \u003ccode\u003ereactCompilerPreset\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/6535b55e956b425e6650ffc2cc98fd23cca1d231\"\u003e\u003ccode\u003e6535b55\u003c/code\u003e\u003c/a\u003e release: plugin-react@6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/bf0e43b756e3be81f8572d59727c218311f431ef\"\u003e\u003ccode\u003ebf0e43b\u003c/code\u003e\u003c/a\u003e feat(react): whitelist debugging-options (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1189\"\u003e#1189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/3bd1f08ae0b82ee0e96feb2ff265e61c6fe74b54\"\u003e\u003ccode\u003e3bd1f08\u003c/code\u003e\u003c/a\u003e feat: use carets for rolldown versions (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1216\"\u003e#1216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/2b8df67323265d1ff5ddf47b2db9ab0b9de5c688\"\u003e\u003ccode\u003e2b8df67\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1218\"\u003e#1218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/8fa9619e1b1f51b079f4c1df6bcf076dcafc5aed\"\u003e\u003ccode\u003e8fa9619\u003c/code\u003e\u003c/a\u003e fix(deps): update react 19.2.6 (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1211\"\u003e#1211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/a4296ad2995a8d493528b8d5450a1209de2943cb\"\u003e\u003ccode\u003ea4296ad\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1209\"\u003e#1209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/323ccd72576be636b50baa7d9ce816cc94d5991e\"\u003e\u003ccode\u003e323ccd7\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1196\"\u003e#1196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/a7506e105df00cdadc58c0aecc4512d8cfdd9765\"\u003e\u003ccode\u003ea7506e1\u003c/code\u003e\u003c/a\u003e chore(deps): update vite 8.0.10 (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1198\"\u003e#1198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/02cff2a0cf5c7e9792b1612baa380228f5e4d3c1\"\u003e\u003ccode\u003e02cff2a\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1184\"\u003e#1184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite-plugin-react/commit/4b9c890cdb21078ac45a86873b24f7e8613b8526\"\u003e\u003ccode\u003e4b9c890\u003c/code\u003e\u003c/a\u003e fix(deps): update react 19.2.5 (\u003ca href=\"https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1181\"\u003e#1181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.2/packages/plugin-react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitest/coverage-v8` from 4.1.5 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003e@​vitest/coverage-v8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4...\n\n_Description has been truncated_","html_url":"https://github.com/carlostoledo1891/aether-os/pull/38","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/carlostoledo1891%2Faether-os/issues/38","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/38/packages"}},{"old_version":"4.11.8","new_version":"6.15.0","update_type":"major","path":null,"pr_created_at":"2026-06-14T22:14:11.000Z","version_change":"4.11.8 → 6.15.0","issue":{"uuid":"4660814148","node_id":"PR_kwDOFVdqbM7mUZJj","number":1197,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":7,"pull_request":true,"closed_at":"2026-06-14T22:18:44.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-14T22:14:11.000Z","updated_at":"2026-06-14T22:18:52.000Z","time_to_close":273,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"vue","old_version":"2.7.14","new_version":"3.0.0","repository_url":"https://github.com/vuejs/core"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5"},{"name":"ajv","old_version":"4.11.8","new_version":"6.15.0"},{"name":"cross-spawn","old_version":"5.1.0","new_version":"7.0.6"},{"name":"debug","old_version":"2.2.0","new_version":"4.4.3"},{"name":"fsevents","old_version":"1.2.4","new_version":"2.3.3"},{"name":"js-yaml","old_version":"3.12.0","new_version":"4.2.0"},{"name":"ms","old_version":"0.7.1","new_version":"2.1.3"},{"name":"semver","old_version":"4.3.6","new_version":"7.8.4"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /client directory: [vue](https://github.com/vuejs/core).\n\nUpdates `vue` from 2.7.14 to 3.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/core/blob/v3.0.0/CHANGELOG.md\"\u003evue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.13...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2020-09-18)\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.12...v3.0.0-rc.13\"\u003e3.0.0-rc.13\u003c/a\u003e (2020-09-18)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehmr:\u003c/strong\u003e make hmr working with class components (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2144\"\u003e#2144\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/422f05e085036e23ea3632c2ce75d86181a087b8\"\u003e422f05e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereactivity:\u003c/strong\u003e avoid length mutating array methods causing infinite updates (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2138\"\u003e#2138\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/f316a332b055d3f448dc735365551d89041f1098\"\u003ef316a33\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2137\"\u003e#2137\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esuspense:\u003c/strong\u003e should discard unmount effects of invalidated pending branch (\u003ca href=\"https://github.com/vuejs/vue-next/commit/5bfcad155b444b2f7ffaac171c1f61bc23909287\"\u003e5bfcad1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e component instance inference without props (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2145\"\u003e#2145\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/57bdaa2220afefbde21118659c1ce2377d6b86d6\"\u003e57bdaa2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCode Refactoring\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ewatch APIs default to trigger pre-flush (\u003ca href=\"https://github.com/vuejs/vue-next/commit/49bb44756fda0a7019c69f2fa6b880d9e41125aa\"\u003e49bb447\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/vuejs/vue-next/issues/1706/issues/issuecomment-666258948\"\u003evuejs/vue-next#1706\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core:\u003c/strong\u003e support using inject() inside props default functions (\u003ca href=\"https://github.com/vuejs/vue-next/commit/58c31e36992d2647e5247de4904246fb2d6112ed\"\u003e58c31e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewatch:\u003c/strong\u003e support dot-delimited path in watch option (\u003ca href=\"https://github.com/vuejs/vue-next/commit/1c9a0b3e195d144ac90d22d2cc2cef6a3fd8276d\"\u003e1c9a0b3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ewatch APIs now default to use \u003ccode\u003eflush: 'pre'\u003c/code\u003e instead of\n\u003ccode\u003eflush: 'post'\u003c/code\u003e. This change affects \u003ccode\u003ewatch\u003c/code\u003e, \u003ccode\u003ewatchEffect\u003c/code\u003e, the \u003ccode\u003ewatch\u003c/code\u003e component option, and \u003ccode\u003ethis.$watch\u003c/code\u003e. See (\u003ca href=\"https://github.com/vuejs/vue-next/commit/49bb44756fda0a7019c69f2fa6b880d9e41125aa\"\u003e49bb447\u003c/a\u003e) for more details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.11...v3.0.0-rc.12\"\u003e3.0.0-rc.12\u003c/a\u003e (2020-09-16)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ereactivity:\u003c/strong\u003e effect should only recursively self trigger with explicit options (\u003ca href=\"https://github.com/vuejs/vue-next/commit/3810de7d6bd0044177f043285228c2e988093883\"\u003e3810de7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2125\"\u003e#2125\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core:\u003c/strong\u003e ensure root stable fragments inherit elements for moving (\u003ca href=\"https://github.com/vuejs/vue-next/commit/bebd44f793ccd13bfdf90c7e45eac320a340650c\"\u003ebebd44f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2134\"\u003e#2134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core:\u003c/strong\u003e should still do full traverse of stable fragment children in dev + hmr (\u003ca href=\"https://github.com/vuejs/vue-next/commit/dd40ad8fca47af0e1f0a963be2f48c23f7457952\"\u003edd40ad8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eruntime-core/async-component:\u003c/strong\u003e fix error component when there are no error handlers (\u003ca href=\"https://github.com/vuejs/vue-next/commit/c7b4a379cf8627c79a01d61039d3e3b283477dc1\"\u003ec7b4a37\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2129\"\u003e#2129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes/tsx:\u003c/strong\u003e optional props from Mixin/Extends are treated as required (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2048\"\u003e#2048\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/89e9ab8a2a387f26a370848db0b1ffb1d0ab9549\"\u003e89e9ab8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e \u003ccode\u003eadditionalData\u003c/code\u003e support for css preprocessors (\u003ca href=\"https://redirect.github.com/vuejs/vue-next/issues/2126\"\u003e#2126\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue-next/commit/066d514d757fb7e8844104210d7d04cc11598fef\"\u003e066d514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/vuejs/vue-next/compare/v3.0.0-rc.10...v3.0.0-rc.11\"\u003e3.0.0-rc.11\u003c/a\u003e (2020-09-15)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vuejs/core/commits/v3.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 4.11.8 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.6\u003c/h2\u003e\n\u003cp\u003eFix performance issue of \u0026quot;url\u0026quot; format.\u003c/p\u003e\n\u003ch2\u003ev6.12.5\u003c/h2\u003e\n\u003cp\u003eFix uri scheme validation (\u003ca href=\"https://github.com/ChALkeR\"\u003e\u003ccode\u003e@​ChALkeR\u003c/code\u003e\u003c/a\u003e).\nFix boolean schemas with strictKeywords option (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1270\"\u003e#1270\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003cp\u003eFix: coercion of one-item arrays to scalar that should fail validation (\u003ca href=\"https://runkit.com/esp/5f3672ba2f6642001ae27411\"\u003efailing example\u003c/a\u003e).\u003c/p\u003e\n\u003ch2\u003ev6.12.3\u003c/h2\u003e\n\u003cp\u003ePass schema object to processCode function\nOption for strictNumbers (\u003ca href=\"https://github.com/issacgerges\"\u003e\u003ccode\u003e@​issacgerges\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1128\"\u003e#1128\u003c/a\u003e)\nFixed vulnerability related to untrusted schemas (\u003ca href=\"https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2020-15366\"\u003eCVE-2020-15366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.12.2\u003c/h2\u003e\n\u003cp\u003eRemoved post-install script\u003c/p\u003e\n\u003ch2\u003ev6.12.1\u003c/h2\u003e\n\u003cp\u003eDocs and dependency updates\u003c/p\u003e\n\u003ch2\u003ev6.12.0\u003c/h2\u003e\n\u003cp\u003eImproved hostname validation (\u003ca href=\"https://github.com/sambauers\"\u003e\u003ccode\u003e@​sambauers\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1143\"\u003e#1143\u003c/a\u003e)\nOption \u003ccode\u003ekeywords\u003c/code\u003e to add custom keywords (\u003ca href=\"https://github.com/franciscomorais\"\u003e\u003ccode\u003e@​franciscomorais\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1137\"\u003e#1137\u003c/a\u003e)\nTypes fixes (\u003ca href=\"https://github.com/boenrobot\"\u003e\u003ccode\u003e@​boenrobot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/MattiAstedrone\"\u003e\u003ccode\u003e@​MattiAstedrone\u003c/code\u003e\u003c/a\u003e)\nDocs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/epoberezkin/ajv#error-logging\"\u003eerror logging\u003c/a\u003e example (\u003ca href=\"https://github.com/RadiationSickness\"\u003e\u003ccode\u003e@​RadiationSickness\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTypeScript usage notes (\u003ca href=\"https://github.com/thetric\"\u003e\u003ccode\u003e@​thetric\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.11.0\u003c/h2\u003e\n\u003cp\u003eTime formats support two digit and colon-less variants of timezone offset (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1061\"\u003e#1061\u003c/a\u003e , \u003ca href=\"https://github.com/cjpillsbury\"\u003e\u003ccode\u003e@​cjpillsbury\u003c/code\u003e\u003c/a\u003e)\nDocs: RegExp related security considerations\nTests: Disabled failing typescript test\u003c/p\u003e\n\u003ch2\u003ev6.10.2\u003c/h2\u003e\n\u003cp\u003eFix: the unknown keywords were ignored with the option \u003ccode\u003estrictKeywords: true\u003c/code\u003e (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.\u003c/p\u003e\n\u003ch2\u003ev6.10.1\u003c/h2\u003e\n\u003cp\u003eFix types\nFix addSchema (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1001\"\u003e#1001\u003c/a\u003e)\nUpdate dependencies\u003c/p\u003e\n\u003ch2\u003ev6.10.0\u003c/h2\u003e\n\u003cp\u003eOption \u003ccode\u003estrictDefaults\u003c/code\u003e to report ignored defaults (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/957\"\u003e#957\u003c/a\u003e, \u003ca href=\"https://github.com/not-an-aardvark\"\u003e\u003ccode\u003e@​not-an-aardvark\u003c/code\u003e\u003c/a\u003e)\nOption \u003ccode\u003estrictKeywords\u003c/code\u003e to report unknown keywords (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/781\"\u003e#781\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003ev6.9.0\u003c/h2\u003e\n\u003cp\u003eOpenAPI keyword \u003ccode\u003enullable\u003c/code\u003e can be any boolean (and not only \u003ccode\u003etrue\u003c/code\u003e).\nCustom keyword definition changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edependencies\u003c/code\u003e option in  to require the presence of keywords in the same schema.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fe591439f34e24030f69df9eb8d91e6d037a3af7\"\u003e\u003ccode\u003efe59143\u003c/code\u003e\u003c/a\u003e 6.12.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/4.11.8...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 5.1.0 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.2...v7.0.3\"\u003e7.0.3\u003c/a\u003e (2020-05-25)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edetect path key based on correct environment (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/133\"\u003e#133\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/159e7e9785e57451cba034ae51719f97135074ae\"\u003e159e7e9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.1...v7.0.2\"\u003e7.0.2\u003c/a\u003e (2020-04-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix worker threads in Node \u0026gt;=11.10.0 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/132\"\u003e#132\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6c5b4f015814a6c4f6b33230dfd1a860aedc0aaf\"\u003e6c5b4f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.0...v7.0.1\"\u003e7.0.1\u003c/a\u003e (2019-10-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support worker threads (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/127\"\u003e#127\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/cfd49c9\"\u003ecfd49c9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v6.0.5...v7.0.0\"\u003e7.0.0\u003c/a\u003e (2019-09-03)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for Node.js \u0026lt; 8\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003edrop support for versions below Node.js 8 (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/125\"\u003e#125\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/16feb53\"\u003e16feb53\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/5.1.0...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `debug` from 2.2.0 to 4.4.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/debug-js/debug/releases\"\u003edebug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.4.3\u003c/h2\u003e\n\u003cp\u003eFunctionally identical release to \u003ccode\u003e4.4.1\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eVersion \u003ccode\u003e4.4.2\u003c/code\u003e is \u003cstrong\u003ecompromised\u003c/strong\u003e. Please see \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/1005\"\u003edebug-js/debug#1005\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e4.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(Issue-996): replace whitespaces in namespaces string with commas globally by \u003ca href=\"https://github.com/pdahal-cx\"\u003e\u003ccode\u003e@​pdahal-cx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/997\"\u003edebug-js/debug#997\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efixes \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/987\"\u003e#987\u003c/a\u003e fallback to localStorage.DEBUG if debug is not defined by \u003ca href=\"https://github.com/lzilioli\"\u003e\u003ccode\u003e@​lzilioli\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/988\"\u003edebug-js/debug#988\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pdahal-cx\"\u003e\u003ccode\u003e@​pdahal-cx\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/997\"\u003edebug-js/debug#997\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lzilioli\"\u003e\u003ccode\u003e@​lzilioli\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/988\"\u003edebug-js/debug#988\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.4.0...4.4.1\"\u003ehttps://github.com/debug-js/debug/compare/4.4.0...4.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.4.0\u003c/h2\u003e\n\u003cp\u003eFixes (hopefully) the inefficient regex warnings in \u003ccode\u003e.enable()\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eMinor version as this is invariably going to break certain users who misuse the \u003ccode\u003e.enable()\u003c/code\u003e API and expected it to work with regexes, which was never supported nor documented. That's on you, sorry - that functionality won't be added back.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.3.7...4.4.0\"\u003ehttps://github.com/debug-js/debug/compare/4.3.7...4.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ms to version 2.1.3 by \u003ca href=\"https://github.com/realityking\"\u003e\u003ccode\u003e@​realityking\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/819\"\u003edebug-js/debug#819\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.3.6...4.3.7\"\u003ehttps://github.com/debug-js/debug/compare/4.3.6...4.3.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.3.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid using deprecated RegExp.$1 by \u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/969\"\u003edebug-js/debug#969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bluwy\"\u003e\u003ccode\u003e@​bluwy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/969\"\u003edebug-js/debug#969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/debug-js/debug/compare/4.3.5...4.3.6\"\u003ehttps://github.com/debug-js/debug/compare/4.3.5...4.3.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.3.5\u003c/h2\u003e\n\u003ch1\u003ePatch\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ecac39b1c5b018b0fe93a53a05f084eee543d17f5 Fix/debug depth (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you \u003ca href=\"https://github.com/calvintwr\"\u003e\u003ccode\u003e@​calvintwr\u003c/code\u003e\u003c/a\u003e for the fix.\u003c/p\u003e\n\u003ch2\u003e4.3.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd section about configuring JS console to show debug messages by \u003ca href=\"https://github.com/gitname\"\u003e\u003ccode\u003e@​gitname\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/866\"\u003edebug-js/debug#866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace deprecated String.prototype.substr() by \u003ca href=\"https://github.com/CommanderRoot\"\u003e\u003ccode\u003e@​CommanderRoot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/debug-js/debug/pull/876\"\u003edebug-js/debug#876\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/6b2c5fbdb7d414483d9e306ef234acb4cd7ea67c\"\u003e\u003ccode\u003e6b2c5fb\u003c/code\u003e\u003c/a\u003e 4.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/33330fa8616b9b33f29f7674747be77266878ba6\"\u003e\u003ccode\u003e33330fa\u003c/code\u003e\u003c/a\u003e 4.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/98df33ed9d5215c1d801b74e6ab00969759a6839\"\u003e\u003ccode\u003e98df33e\u003c/code\u003e\u003c/a\u003e remove istanbul\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/bf2f574c3e588ce4b660bf4e392e7a5e788640c0\"\u003e\u003ccode\u003ebf2f574\u003c/code\u003e\u003c/a\u003e fixes \u003ca href=\"https://redirect.github.com/debug-js/debug/issues/987\"\u003e#987\u003c/a\u003e fallback to localStorage.DEBUG if debug is not defined (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/988\"\u003e#988\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/a0497bd46dacb701437f62cfc065dc72bf0952c7\"\u003e\u003ccode\u003ea0497bd\u003c/code\u003e\u003c/a\u003e Replace whitespaces in namespaces string with commas globally instead of just...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/7e3814cc603bf64fdd69e714e0cf5611ec31f43b\"\u003e\u003ccode\u003e7e3814c\u003c/code\u003e\u003c/a\u003e 4.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/d2d6bf0bab3a0eeeb3a9ce7113cb0a31d8da678f\"\u003e\u003ccode\u003ed2d6bf0\u003c/code\u003e\u003c/a\u003e fix inefficient .enable() regex and .enabled() test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/bc60914816e5e45a5fff1cd638410438fc317521\"\u003e\u003ccode\u003ebc60914\u003c/code\u003e\u003c/a\u003e 4.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/c63e96e6495cdb8e15d2affa8dad105c48a21c92\"\u003e\u003ccode\u003ec63e96e\u003c/code\u003e\u003c/a\u003e Upgrade ms to version 2.1.3 (\u003ca href=\"https://redirect.github.com/debug-js/debug/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/debug-js/debug/commit/382864a45a782a84b29e457211c27704df77a75f\"\u003e\u003ccode\u003e382864a\u003c/code\u003e\u003c/a\u003e remove archaic badges from readme\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/debug-js/debug/compare/2.2.0...4.4.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~qix\"\u003eqix\u003c/a\u003e, a new releaser for debug since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fsevents` from 1.2.4 to 2.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fsevents/fsevents/releases\"\u003efsevents's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v2.3.3\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.3.3\u003c/p\u003e\n\u003ch2\u003eRelease v2.3.2\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.3.2\u003c/p\u003e\n\u003ch2\u003eRelease v2.3.1\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.3.1\u003c/p\u003e\n\u003cp\u003eRelease contains universal binary for x86 \u0026amp; amd64 (m1) chips\u003c/p\u003e\n\u003ch2\u003eRelease v2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased to npm as v2.2.2\u003c/p\u003e\n\u003cp\u003eUniversal Binary Support x86-64 \u0026amp; amd64(m1)\u003c/p\u003e\n\u003ch2\u003eRelease v2.2.0\u003c/h2\u003e\n\u003cp\u003eElectron Enabled (no static functions/variables)\u003c/p\u003e\n\u003ch2\u003eRelease v1.2.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eRelease v2.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003cp\u003eLatest stable release\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.6\u003c/h2\u003e\n\u003cp\u003eInclude essential files only.\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.5\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eRelease NAPI v2.0.3\u003c/h2\u003e\n\u003cp\u003eMoved NAPI version out of experimental.\u003c/p\u003e\n\u003ch2\u003eNAPI release\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003edeprecated\u003c/h2\u003e\n\u003cp\u003eFixing the API for chokidar since it was calling FSEvents as a constructor\u003c/p\u003e\n\u003ch2\u003edeprecated\u003c/h2\u003e\n\u003cp\u003eWe have upgraded to N-API. For that reason we have also dropped support for node \u0026lt; 6.\u003c/p\u003e\n\u003cp\u003eFor that reason, we have made this a major version bump so dependents have to opt in. The actual API remains entirely the same, so if you are depending on \u003cem\u003efsevents\u003c/em\u003e, it should be as simple as changing the version number in your \u003ccode\u003epackage.json\u003c/code\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/2db891e51aa0f2975c5eaaf6aa30f13d720a830a\"\u003e\u003ccode\u003e2db891e\u003c/code\u003e\u003c/a\u003e Release v2.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/8ec87bf026f476d7f8c1c84ec2400bc4a9834378\"\u003e\u003ccode\u003e8ec87bf\u003c/code\u003e\u003c/a\u003e Update nodejs.yml (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/392\"\u003e#392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/c20c3af6adfa98d8160a569be4b02180ab3af9aa\"\u003e\u003ccode\u003ec20c3af\u003c/code\u003e\u003c/a\u003e readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/63709df0fd91549050e2e3f38b1695f49f6387a8\"\u003e\u003ccode\u003e63709df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/384\"\u003e#384\u003c/a\u003e from aleksanb/subdirs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/a77340f4f96a6e02cd5bfabaaebd4e10535ee533\"\u003e\u003ccode\u003ea77340f\u003c/code\u003e\u003c/a\u003e Handle MustScanSubDirs for large projects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/66be5194c536a4a394a963ab5034696f9059fbab\"\u003e\u003ccode\u003e66be519\u003c/code\u003e\u003c/a\u003e Update README.md (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/2f2a85852feb4dd20c74ba6e36529e712807f543\"\u003e\u003ccode\u003e2f2a858\u003c/code\u003e\u003c/a\u003e Update README.md (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/364\"\u003e#364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/a7f5d00939b74e141a73131468c4ce48ee0f2197\"\u003e\u003ccode\u003ea7f5d00\u003c/code\u003e\u003c/a\u003e Release v2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/fab136ace9f7f7a7a7856c2d684956aeac938856\"\u003e\u003ccode\u003efab136a\u003c/code\u003e\u003c/a\u003e fix: issue \u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/355\"\u003e#355\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/fsevents/fsevents/issues/356\"\u003e#356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fsevents/fsevents/commit/328ae396700969fd8345f13cc4fb88c495517cd9\"\u003e\u003ccode\u003e328ae39\u003c/code\u003e\u003c/a\u003e Release v2.3.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fsevents/fsevents/compare/v1.2.4...v2.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003einstall\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.12.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.2.0] - 2026-06-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003edocs/safety.md\u003c/code\u003e with notes about processing untrusted YAML.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxDepth\u003c/code\u003e (100) loader option. Not a problem, but gives a better\nexception instead of RangeError on stack overflow.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003emaxMergeSeqLength\u003c/code\u003e (20) loader option. Not a problem after \u003ccode\u003emerge\u003c/code\u003e fix,\nbut an additional restriction for safety.\u003c/li\u003e\n\u003cli\u003eAdded sourcemaps to \u003ccode\u003edist/\u003c/code\u003e builds.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStop resolving numbers with underscores as numeric scalars, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/627\"\u003e#627\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eSwitched dev toolchains to Vite / neostandard.\u003c/li\u003e\n\u003cli\u003eUpdated demo.\u003c/li\u003e\n\u003cli\u003eReorganized tests.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edist/\u003c/code\u003e files are no longer kept in the repository.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix parsing of properties on the first implicit block mapping key, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/62\"\u003e#62\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix trailing whitespace handling when folding flow scalar lines, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReject top-level block scalars without content indentation, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/280\"\u003e#280\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eEnsure numbers survive round-trip, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/737\"\u003e#737\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix test coverage for issue \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/221\"\u003e#221\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix flow scalar trailing whitespace folding, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/307\"\u003e#307\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eFix digits in YAML named tag handles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential DoS via quadratic complexity in merge - deduplicate repeated\nelements (makes sense for malformed files \u0026gt; 10K).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ms` from 0.7.1 to 2.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ms/releases\"\u003ems's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRename zeit to vercel: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/151\"\u003e#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump eslint from 4.12.1 to 4.18.2: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/122\"\u003e#122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd prettier as a dev dependency: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/135\"\u003e#135\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vercel/ms/issues/153\"\u003e#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse GitHub Actions CI: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/154\"\u003e#154\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/getsnoopy\"\u003e\u003ccode\u003e@​getsnoopy\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed negative decimals less than -10 don\u0026amp;\u003ca href=\"https://redirect.github.com/vercel/ms/issues/39\"\u003e#39\u003c/a\u003e;t work: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/111\"\u003e#111\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport error in case of Infinity: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/116\"\u003e#116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate regexp for \u003ccode\u003e10-.5\u003c/code\u003e is invalid input: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/117\"\u003e#117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate chat badge: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/119\"\u003e#119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/yuler\"\u003e\u003ccode\u003e@​yuler\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/7ma7X\"\u003e\u003ccode\u003e@​7ma7X\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd full support for negative numbers: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/104\"\u003e#104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/thevtm\"\u003e\u003ccode\u003e@​thevtm\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u0026quot;week\u0026quot; / \u0026quot;w\u0026quot; support: a2caead13ac7f9931338a1a51ab4e36ddb505e00\u003c/li\u003e\n\u003cli\u003eFixed match regex to support negative numbers: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/96\"\u003e#96\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApplied a few text improvements: 15dc8c5b5a9e8372555400485a749ec04cc02444\u003c/li\u003e\n\u003cli\u003eFixed spelling of “millisecond” in description: \u003ca href=\"https://redirect.github.com/vercel/ms/issues/95\"\u003e#95\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLockfile added: 2425ebdefcdd1c2b726c06f6a65c4f2dea58dee7\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/yoavmmn\"\u003e\u003ccode\u003e@​yoavmmn\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/binki\"\u003e\u003ccode\u003e@​binki\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003e2.0.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/1c6264b795492e8fdecbc82cb8802fcfbfc08d26\"\u003e\u003ccode\u003e1c6264b\u003c/code\u003e\u003c/a\u003e 2.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/82495ad75797223f11bd0c30427b3b5e94847e64\"\u003e\u003ccode\u003e82495ad\u003c/code\u003e\u003c/a\u003e Use GitHub Actions CI (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/1a13a88f8c74604a96be3f4930fefe9765ea3613\"\u003e\u003ccode\u003e1a13a88\u003c/code\u003e\u003c/a\u003e Run prettier 2.x (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/153\"\u003e#153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/1048042000b85eb406ce0f261a39cadfc8e072a5\"\u003e\u003ccode\u003e1048042\u003c/code\u003e\u003c/a\u003e Add prettier as a dev dependency (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/135\"\u003e#135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/f2bfb40e7a245fcfa14d787c3c9e5cc3e5884332\"\u003e\u003ccode\u003ef2bfb40\u003c/code\u003e\u003c/a\u003e Rename zeit to vercel (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/adf1eb282d29fe3c405d205a3854177b86a97c1f\"\u003e\u003ccode\u003eadf1eb2\u003c/code\u003e\u003c/a\u003e Bump eslint from 4.12.1 to 4.18.2 (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/7920885eb232fbe7a5efdab956d3e7c507c92ddf\"\u003e\u003ccode\u003e7920885\u003c/code\u003e\u003c/a\u003e 2.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/199ff786421c00d0ffbb2f2ef9da52805d17fa57\"\u003e\u003ccode\u003e199ff78\u003c/code\u003e\u003c/a\u003e Update chat badge (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/d1add60365fe2340b750b1f7a254b83bea34e52d\"\u003e\u003ccode\u003ed1add60\u003c/code\u003e\u003c/a\u003e Update regexp for \u003ccode\u003e10-.5\u003c/code\u003e is invalid input (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ms/commit/d95e17fd75a93708c8a3daf5bb07bf649cd5931c\"\u003e\u003ccode\u003ed95e17f\u003c/code\u003e\u003c/a\u003e Support error in case of Infinity (\u003ca href=\"https://redirect.github.com/vercel/ms/issues/116\"\u003e#116\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ms/compare/0.7.1...2.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~styfle\"\u003estyfle\u003c/a\u003e, a new releaser for ms since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `semver` from 4.3.6 to 7.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/releases\"\u003esemver's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.8.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.3...v7.8.4\"\u003e7.8.4\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e583226b165edd6530502cf731eda334527af6fe\"\u003e\u003ccode\u003ee583226\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/874\"\u003e#874\u003c/a\u003e reject numeric segments after x-ranges (\u003ca href=\"https://github.com/pupuking723\"\u003e\u003ccode\u003e@​pupuking723\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.2...v7.8.3\"\u003e7.8.3\u003c/a\u003e (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/046da7f527cc72a482b5dea8cb59392be65bf186\"\u003e\u003ccode\u003e046da7f\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/872\"\u003e#872\u003c/a\u003e align caret includePrerelease lower bounds (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/wayyoungboy\"\u003e\u003ccode\u003e@​wayyoungboy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3485ddadb2ca0d0691392ee5ce620072e1b1e040\"\u003e\u003ccode\u003e3485dda\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/866\"\u003e#866\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 6.0.1 to 7.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/866\"\u003e#866\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.1...v7.8.2\"\u003e7.8.2\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/bea6028694a75e840f48b288ac019e9644cfe6e8\"\u003e\u003ccode\u003ebea6028\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/870\"\u003e#870\u003c/a\u003e increment dotted prerelease identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/liuzemei\"\u003e\u003ccode\u003e@​liuzemei\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/SheldonNeo\"\u003e\u003ccode\u003e@​SheldonNeo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.0...v7.8.1\"\u003e7.8.1\u003c/a\u003e (2026-05-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/17aa702d91166472b197a2ea768f085083bee2e4\"\u003e\u003ccode\u003e17aa702\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/869\"\u003e#869\u003c/a\u003e strip build metadata before comparator trimming (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/869\"\u003e#869\u003c/a\u003e) (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5f3ca133e040210b6ea80c350a1d61d9da02e722\"\u003e\u003ccode\u003e5f3ca13\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/867\"\u003e#867\u003c/a\u003e handle prerelease bounds in subset (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/867\"\u003e#867\u003c/a\u003e) (\u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e, Puneet Dixit)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.8.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.7.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/npm/node-semver/blob/main/CHANGELOG.md\"\u003esemver's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.3...v7.8.4\"\u003e7.8.4\u003c/a\u003e (2026-06-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e583226b165edd6530502cf731eda334527af6fe\"\u003e\u003ccode\u003ee583226\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/874\"\u003e#874\u003c/a\u003e reject numeric segments after x-ranges (\u003ca href=\"https://github.com/pupuking723\"\u003e\u003ccode\u003e@​pupuking723\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.2...v7.8.3\"\u003e7.8.3\u003c/a\u003e (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/046da7f527cc72a482b5dea8cb59392be65bf186\"\u003e\u003ccode\u003e046da7f\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/872\"\u003e#872\u003c/a\u003e align caret includePrerelease lower bounds (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/872\"\u003e#872\u003c/a\u003e) (\u003ca href=\"https://github.com/wayyoungboy\"\u003e\u003ccode\u003e@​wayyoungboy\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3485ddadb2ca0d0691392ee5ce620072e1b1e040\"\u003e\u003ccode\u003e3485dda\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/866\"\u003e#866\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 6.0.1 to 7.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/866\"\u003e#866\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.1...v7.8.2\"\u003e7.8.2\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/bea6028694a75e840f48b288ac019e9644cfe6e8\"\u003e\u003ccode\u003ebea6028\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/870\"\u003e#870\u003c/a\u003e increment dotted prerelease identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/870\"\u003e#870\u003c/a\u003e) (\u003ca href=\"https://github.com/liuzemei\"\u003e\u003ccode\u003e@​liuzemei\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/SheldonNeo\"\u003e\u003ccode\u003e@​SheldonNeo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.8.0...v7.8.1\"\u003e7.8.1\u003c/a\u003e (2026-05-21)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/17aa702d91166472b197a2ea768f085083bee2e4\"\u003e\u003ccode\u003e17aa702\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/869\"\u003e#869\u003c/a\u003e strip build metadata before comparator trimming (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/869\"\u003e#869\u003c/a\u003e) (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5f3ca133e040210b6ea80c350a1d61d9da02e722\"\u003e\u003ccode\u003e5f3ca13\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/867\"\u003e#867\u003c/a\u003e handle prerelease bounds in subset (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/867\"\u003e#867\u003c/a\u003e) (\u003ca href=\"https://github.com/puneetdixit200\"\u003e\u003ccode\u003e@​puneetdixit200\u003c/code\u003e\u003c/a\u003e, Puneet Dixit)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.4...v7.8.0\"\u003e7.8.0\u003c/a\u003e (2026-05-08)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/0d0a0a2582fb1486bc6cd255ba18819c441ed149\"\u003e\u003ccode\u003e0d0a0a2\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/855\"\u003e#855\u003c/a\u003e Add \u003ccode\u003etruncate\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/855\"\u003e#855\u003c/a\u003e) (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3905343045dc293c3694d5e46170b1bb1fb5cf58\"\u003e\u003ccode\u003e3905343\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/859\"\u003e#859\u003c/a\u003e Warn when defaulting to --inc=patch in CLI (\u003ca href=\"https://github.com/pjohnmeyer\"\u003e\u003ccode\u003e@​pjohnmeyer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/c368af612e521767e960419e6388c5129c857984\"\u003e\u003ccode\u003ec368af6\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/853\"\u003e#853\u003c/a\u003e fix typos in documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/853\"\u003e#853\u003c/a\u003e) (\u003ca href=\"https://github.com/ankitkumar572005\"\u003e\u003ccode\u003e@​ankitkumar572005\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/37776c31e2f3448fd852c975888e37b03efe9afe\"\u003e\u003ccode\u003e37776c3\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/846\"\u003e#846\u003c/a\u003e fix BNF grammar to distinguish prerelease from build identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/846\"\u003e#846\u003c/a\u003e) (\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/claude\"\u003e\u003ccode\u003e@​claude\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/9542e09ebcd89e916777d35eba868061dad9ed7d\"\u003e\u003ccode\u003e9542e09\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e template-oss-apply (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/937bc2cd8721db14745c9be123078c44e77a86ef\"\u003e\u003ccode\u003e937bc2c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/860\"\u003e#860\u003c/a\u003e \u003ccode\u003etemplate-oss-apply@5.0.0\u003c/code\u003e (\u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6946fefa57bd5e191871a4738b28ca673e003527\"\u003e\u003ccode\u003e6946fef\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/852\"\u003e#852\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.29.0 to 4.30.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/852\"\u003e#852\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4\"\u003e7.7.4\u003c/a\u003e (2026-01-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/a29faa5f3309a01c8e5aeb965fb5c02c4c4e80e2\"\u003e\u003ccode\u003ea29faa5\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/835\"\u003e#835\u003c/a\u003e cli: pass options to semver.valid() for loose version validation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/835\"\u003e#835\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/1d28d5e82de16163daf721a7c76fff93e0d333ab\"\u003e\u003ccode\u003e1d28d5e\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/836\"\u003e#836\u003c/a\u003e fix typos and update -n CLI option documentation (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/mldangelo\"\u003e\u003ccode\u003e@​mldangelo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/120968b76760cb0db85a72bde2adedd0e9628793\"\u003e\u003ccode\u003e120968b\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/840\"\u003e#840\u003c/a\u003e \u003ccode\u003e@npmcli/template-oss@4.29.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/840\"\u003e#840\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/44d7130c60cedd3703048aa671bb1d659b79ab07\"\u003e\u003ccode\u003e44d7130\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/824\"\u003e#824\u003c/a\u003e bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 5.1.0 to 6.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/824\"\u003e#824\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/70735767b68a1775eb67ac816b183b4a422101f4\"\u003e\u003ccode\u003e7073576\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/820\"\u003e#820\u003c/a\u003e reorder parameters in invalid-versions.js test (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/820\"\u003e#820\u003c/a\u003e) (\u003ca href=\"https://github.com/reggi\"\u003e\u003ccode\u003e@​reggi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5816d4cfd6d85169527a2bc22fbd5bf4c64f34e3\"\u003e\u003ccode\u003e5816d4c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/829\"\u003e#829\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.28.0 to 4.28.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/npm-cli-bot\"\u003e\u003ccode\u003e@​npm-cli-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3\"\u003e7.7.3\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e37e0ca0b5fc910d2b1948d25dbc83cc3a0921ea\"\u003e\u003ccode\u003ee37e0ca\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/813\"\u003e#813\u003c/a\u003e faster paths for compare (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/813\"\u003e#813\u003c/a\u003e) (\u003ca href=\"https://github.com/H4ad\"\u003e\u003ccode\u003e@​H4ad\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/2471d7543e2e63d9d95358e2405e7e1cde926c36\"\u003e\u003ccode\u003e2471d75\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/811\"\u003e#811\u003c/a\u003e x-range build metadata support (i529015)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8f05c87f56a4123259b8c6d9324f53eadb02e48f\"\u003e\u003ccode\u003e8f05c87\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-semver/pull/807\"\u003e#807\u003c/a\u003e bump \u003ccode\u003e@​npmcli/template-oss\u003c/code\u003e from 4.25.0 to 4.25.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/807\"\u003e#807\u003c/a\u003e) (\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/owlstronaut\"\u003e\u003ccode\u003e@​owlstronaut\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/8640bd68f1653e504b53e9be4030eccdfe4c307a\"\u003e\u003ccode\u003e8640bd6\u003c/code\u003e\u003c/a\u003e chore: release 7.8.4 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/875\"\u003e#875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/e583226b165edd6530502cf731eda334527af6fe\"\u003e\u003ccode\u003ee583226\u003c/code\u003e\u003c/a\u003e fix: reject numeric segments after x-ranges\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/6b77aa84a648a4b54ea32a21e6db60ebd54d5040\"\u003e\u003ccode\u003e6b77aa8\u003c/code\u003e\u003c/a\u003e chore: release 7.8.3 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/873\"\u003e#873\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/3485ddadb2ca0d0691392ee5ce620072e1b1e040\"\u003e\u003ccode\u003e3485dda\u003c/code\u003e\u003c/a\u003e chore: bump \u003ccode\u003e@​npmcli/eslint-config\u003c/code\u003e from 6.0.1 to 7.0.0 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/866\"\u003e#866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/046da7f527cc72a482b5dea8cb59392be65bf186\"\u003e\u003ccode\u003e046da7f\u003c/code\u003e\u003c/a\u003e fix: align caret includePrerelease lower bounds (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/872\"\u003e#872\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/efafcf8d029faa3d1ab74b5ec98d620112af859d\"\u003e\u003ccode\u003eefafcf8\u003c/code\u003e\u003c/a\u003e chore: release 7.8.2 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/871\"\u003e#871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/bea6028694a75e840f48b288ac019e9644cfe6e8\"\u003e\u003ccode\u003ebea6028\u003c/code\u003e\u003c/a\u003e fix: increment dotted prerelease identifiers (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/870\"\u003e#870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/76416081a8413383cf6e24c82cafa438bd076d41\"\u003e\u003ccode\u003e7641608\u003c/code\u003e\u003c/a\u003e chore: release 7.8.1 (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/868\"\u003e#868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/17aa702d91166472b197a2ea768f085083bee2e4\"\u003e\u003ccode\u003e17aa702\u003c/code\u003e\u003c/a\u003e fix: strip build metadata before comparator trimming (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/869\"\u003e#869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-semver/commit/5f3ca133e040210b6ea80c350a1d61d9da02e722\"\u003e\u003ccode\u003e5f3ca13\u003c/code\u003e\u003c/a\u003e fix: handle prerelease bounds in subset (\u003ca href=\"https://redirect.github.com/npm/node-semver/issues/867\"\u003e#867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/npm/node-semver/compare/v4.3.6...v7.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for semver since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dreamteamprod/DigiScript/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/dreamteamprod/DigiScript/pull/1197","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dreamteamprod%2FDigiScript/issues/1197","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1197/packages"}},{"old_version":"6.12.6","new_version":"6.15.0","update_type":"minor","path":null,"pr_created_at":"2026-06-14T08:37:40.000Z","version_change":"6.12.6 → 6.15.0","issue":{"uuid":"4658463387","node_id":"PR_kwDOR6Hr587mNNTI","number":5,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 7 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-14T08:37:40.000Z","updated_at":"2026-06-14T08:38:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"@modelcontextprotocol/sdk","old_version":"1.18.0","new_version":"1.26.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"vitest","old_version":"3.2.4","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"smol-toml","old_version":"1.4.2","new_version":"1.6.1","repository_url":"https://github.com/squirrelchat/smol-toml"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@anthropic-ai/claude-code","old_version":"1.0.128","new_version":"2.1.84","repository_url":"https://github.com/anthropics/claude-code"},{"name":"esbuild","old_version":"0.25.9","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"@hono/node-server","old_version":"1.19.2","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"hono","old_version":"4.9.7","new_version":"4.12.21","repository_url":"https://github.com/honojs/hono"},{"name":"@react-router/node","old_version":"7.9.1","new_version":"7.9.4","repository_url":"https://github.com/remix-run/react-router"},{"name":"react-router","old_version":"7.9.1","new_version":"7.15.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"vite","old_version":"6.3.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"undici","old_version":"6.21.3","new_version":"6.24.0","repository_url":"https://github.com/nodejs/undici"},{"name":"minimatch","old_version":"10.0.3","new_version":"10.2.3","repository_url":"https://github.com/isaacs/minimatch"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"ip-address","old_version":"10.0.1","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"rollup","old_version":"4.50.1","new_version":"4.62.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"2.8.1","new_version":"2.9.0","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.18.0` | `1.26.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `3.2.6` |\n| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.4.2` | `1.6.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) | `1.0.128` | `2.1.84` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.9` | `0.28.1` |\n| [@hono/node-server](https://github.com/honojs/node-server) | `1.19.2` | `1.19.13` |\n| [hono](https://github.com/honojs/hono) | `4.9.7` | `4.12.21` |\n| [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) | `7.9.1` | `7.9.4` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.9.1` | `7.15.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.6` | `6.4.2` |\n| [undici](https://github.com/nodejs/undici) | `6.21.3` | `6.24.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.3` | `10.2.3` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `10.0.1` | `10.2.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [rollup](https://github.com/rollup/rollup) | `4.50.1` | `4.62.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.16` |\n| [yaml](https://github.com/eemeli/yaml) | `2.8.1` | `2.9.0` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/commands/js-debugger directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/commands/npm-lookup directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/commands/ts-validate directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/commands/vitest directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 3 updates in the /packages/mcp directory: [uuid](https://github.com/uuidjs/uuid), [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/server directory: [esbuild](https://github.com/evanw/esbuild).\n\nUpdates `@modelcontextprotocol/sdk` from 1.18.0 to 1.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: trigger workflow on v1.x branch by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1319\"\u003emodelcontextprotocol/typescript-sdk#1319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: README badges links destinations by \u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1365\"\u003emodelcontextprotocol/typescript-sdk#1365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003espec types - backwards compatibility changes by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1306\"\u003emodelcontextprotocol/typescript-sdk#1306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for patch fix by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1307\"\u003emodelcontextprotocol/typescript-sdk#1307\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.0...1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003elist changed handlers on client constructor by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1206\"\u003emodelcontextprotocol/typescript-sdk#1206\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRole - moved from inline to reusable type by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1221\"\u003emodelcontextprotocol/typescript-sdk#1221\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: use versioned npm tag for non-main branch releases by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1236\"\u003emodelcontextprotocol/typescript-sdk#1236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNo automatic completion support unless needed - Revisited yet again by \u003ca href=\"https://github.com/cliffhall\"\u003e\u003ccode\u003e@​cliffhall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1237\"\u003emodelcontextprotocol/typescript-sdk#1237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Support updating output schema by \u003ca href=\"https://github.com/vincent0426\"\u003e\u003ccode\u003e@​vincent0426\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1048\"\u003emodelcontextprotocol/typescript-sdk#1048\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/fe9c07b465871394c7069207c86513df9c1194a4\"\u003e\u003ccode\u003efe9c07b\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.26.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4f01e7e0708e1a85ccc7dbf39e850005f2d9ff03\"\u003e\u003ccode\u003e4f01e7e\u003c/code\u003e\u003c/a\u003e fix: add non-null assertions for optional setupServer fields in stateful test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a05be176cabeae1f933b676e3ce024bf02e2314d\"\u003e\u003ccode\u003ea05be17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/50d9fa3cd12e807e7963bcb9e1548786d3d5d941\"\u003e\u003ccode\u003e50d9fa3\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1442\"\u003e#1442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/aa81a66556fb4434d8a6d1b70f7ac9fc40b5d325\"\u003e\u003ccode\u003eaa81a66\u003c/code\u003e\u003c/a\u003e fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6aba0659654e1ff0699844524595922a61e44cb9\"\u003e\u003ccode\u003e6aba065\u003c/code\u003e\u003c/a\u003e chore: bump v1.25.3 for backport fixes (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1412\"\u003e#1412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6e8f7e1a43a819ae230373c62b82228dafd892c6\"\u003e\u003ccode\u003e6e8f7e1\u003c/code\u003e\u003c/a\u003e fix: prevent Hono from overriding global Response object (v1.x) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1411\"\u003e#1411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/12ae856cee6ca58499cce24e80f650e78a0c7610\"\u003e\u003ccode\u003e12ae856\u003c/code\u003e\u003c/a\u003e [v1.x backport] Use correct schema for client sampling validation when tools ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3\"\u003e\u003ccode\u003eb392f02\u003c/code\u003e\u003c/a\u003e fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1365\"\u003e#1365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0c9b13484748acab9e5dc8317a7e89c06b52e37\"\u003e\u003ccode\u003ea0c9b13\u003c/code\u003e\u003c/a\u003e fix: README badges links destinations (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/907\"\u003e#907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.18.0...v1.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `smol-toml` from 1.4.2 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/squirrelchat/smol-toml/releases\"\u003esmol-toml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cp\u003eThis release addresses a minor security vulnerability where an attacker-controlled TOML document can exploit an unrestricted recustion and cause a stack overflow error with a document that contains thousands of sucessive commented lines. Security advisory: \u003ca href=\"https://github.com/advisories/GHSA-v3rj-xjv7-4jmq\"\u003eGHSA-v3rj-xjv7-4jmq\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cp\u003eAs of this version, smol-toml now supports the newly released TOML 1.1.0 specification!\u003c/p\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003ch3\u003eMultiline inline tables\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 now allows inline tables to have newlines, as well as trailing commas.\u003c/p\u003e\n\u003cpre lang=\"toml\"\u003e\u003ccode\u003edatabase = {\r\n  driver = \u0026quot;postgresql\u0026quot;,\r\n  server = {\r\n    host = \u0026quot;127.0.0.1\u0026quot;,\r\n    port = 3307,\r\n  },\r\n}\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eOmitting seconds in datetime and time\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 renders the seconds component of time elements optional.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003edatetime-tz = 1979-05-27 07:32Z\r\ndatetime = 2001-09-21 10:17\r\ntime = 13:37\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eNew string escapes\u003c/h3\u003e\n\u003cp\u003eStrings now support 2 additional escape sequences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\\xHH\u003c/code\u003e for code points between 0 and 255\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e\\e\u003c/code\u003e for the escape character (\u003ccode\u003eU+001B\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: toml 1.1 support by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/pull/49\"\u003esquirrelchat/smol-toml#49\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cp\u003eHot fix for v1.5.1... 🙃\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: properly stringify arrays of tables by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cp\u003eSmol fix that makes newlines actually consistent when stringifying objects to TOML.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/072b64fd0094b1d7d3bb1a124d282828069a7aa0\"\u003e\u003ccode\u003e072b64f\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/19a5dc74cb49f9fe809dd73c2b8934b4192b8393\"\u003e\u003ccode\u003e19a5dc7\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f286f87778200504061a428b24d5e27ef5e1f360\"\u003e\u003ccode\u003ef286f87\u003c/code\u003e\u003c/a\u003e fix: don't use recursion in skipVoid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/399c54527643c97bbd58931f452325ab32456180\"\u003e\u003ccode\u003e399c545\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/06521caba8be8a7d67a7a9ed7f105134c2dce8b1\"\u003e\u003ccode\u003e06521ca\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/issues/49\"\u003e#49\u003c/a\u003e from squirrelchat/toml-110\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f3a68a76a4be2e4a0e9ed9add167b15591262ade\"\u003e\u003ccode\u003ef3a68a7\u003c/code\u003e\u003c/a\u003e fix: properly test \\e escape\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/9743a8645acef45711f87c0996a20051f262dbbd\"\u003e\u003ccode\u003e9743a86\u003c/code\u003e\u003c/a\u003e fix: properly run toml-test v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/1ec5303d56b8735a2ddf15a07f2cba1c1b4aa2e2\"\u003e\u003ccode\u003e1ec5303\u003c/code\u003e\u003c/a\u003e docs: toml 1.1.0 in the readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/8bc0e2bc709e4c54b87db2ce534b4411e2217b63\"\u003e\u003ccode\u003e8bc0e2b\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies, actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/24618dbac52bd2ff7145b2206f24a1ef14791885\"\u003e\u003ccode\u003e24618db\u003c/code\u003e\u003c/a\u003e feat: allow omitting seconds in datetime and time values\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.4.2...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for smol-toml since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 13.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@anthropic-ai/claude-code` from 1.0.128 to 2.1.84\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/claude-code/releases\"\u003e@​anthropic-ai/claude-code's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.84\u003c/h2\u003e\n\u003ch2\u003eWhat's changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded PowerShell tool for Windows as an opt-in preview. Learn more at \u003ca href=\"https://code.claude.com/docs/en/tools-reference#powershell-tool\"\u003ehttps://code.claude.com/docs/en/tools-reference#powershell-tool\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eANTHROPIC_DEFAULT_{OPUS,SONNET,HAIKU}_MODEL_SUPPORTS\u003c/code\u003e env vars to override effort/thinking capability detection for pinned default models for 3p (Bedrock, Vertex, Foundry), and \u003ccode\u003e_MODEL_NAME\u003c/code\u003e/\u003ccode\u003e_DESCRIPTION\u003c/code\u003e to customize the \u003ccode\u003e/model\u003c/code\u003e picker label\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCLAUDE_STREAM_IDLE_TIMEOUT_MS\u003c/code\u003e env var to configure the streaming idle watchdog threshold (default 90s)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eTaskCreated\u003c/code\u003e hook that fires when a task is created via \u003ccode\u003eTaskCreate\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWorktreeCreate\u003c/code\u003e hook support for \u003ccode\u003etype: \u0026quot;http\u0026quot;\u003c/code\u003e — return the created worktree path via \u003ccode\u003ehookSpecificOutput.worktreePath\u003c/code\u003e in the response JSON\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eallowedChannelPlugins\u003c/code\u003e managed setting for team/enterprise admins to define a channel plugin allowlist\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ex-client-request-id\u003c/code\u003e header to API requests for debugging timeouts\u003c/li\u003e\n\u003cli\u003eAdded idle-return prompt that nudges users returning after 75+ minutes to \u003ccode\u003e/clear\u003c/code\u003e, reducing unnecessary token re-caching on stale sessions\u003c/li\u003e\n\u003cli\u003eDeep links (\u003ccode\u003eclaude-cli://\u003c/code\u003e) now open in your preferred terminal instead of whichever terminal happens to be first in the detection list\u003c/li\u003e\n\u003cli\u003eRules and skills \u003ccode\u003epaths:\u003c/code\u003e frontmatter now accepts a YAML list of globs\u003c/li\u003e\n\u003cli\u003eMCP tool descriptions and server instructions are now capped at 2KB to prevent OpenAPI-generated servers from bloating context\u003c/li\u003e\n\u003cli\u003eMCP servers configured both locally and via claude.ai connectors are now deduplicated — the local config wins\u003c/li\u003e\n\u003cli\u003eBackground bash tasks that appear stuck on an interactive prompt now surface a notification after ~45 seconds\u003c/li\u003e\n\u003cli\u003eToken counts ≥1M now display as \u0026quot;1.5m\u0026quot; instead of \u0026quot;1512.6k\u0026quot;\u003c/li\u003e\n\u003cli\u003eGlobal system-prompt caching now works when \u003ccode\u003eToolSearch\u003c/code\u003e is enabled, including for users with MCP tools configured\u003c/li\u003e\n\u003cli\u003eFixed voice push-to-talk: holding the voice key no longer leaks characters into the text input, and transcripts now insert at the correct position\u003c/li\u003e\n\u003cli\u003eFixed up/down arrow keys being unresponsive when a footer item is focused\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCtrl+U\u003c/code\u003e (kill-to-line-start) being a no-op at line boundaries in multiline input, so repeated \u003ccode\u003eCtrl+U\u003c/code\u003e now clears across lines\u003c/li\u003e\n\u003cli\u003eFixed null-unbinding a default chord binding (e.g. \u003ccode\u003e\u0026quot;ctrl+x ctrl+k\u0026quot;: null\u003c/code\u003e) still entering chord-wait mode instead of freeing the prefix key\u003c/li\u003e\n\u003cli\u003eFixed mouse events inserting literal \u0026quot;mouse\u0026quot; text into transcript search input\u003c/li\u003e\n\u003cli\u003eFixed workflow subagents failing with API 400 when the outer session uses \u003ccode\u003e--json-schema\u003c/code\u003e and the subagent also specifies a schema\u003c/li\u003e\n\u003cli\u003eFixed missing background color behind certain emoji in user message bubbles on some terminals\u003c/li\u003e\n\u003cli\u003eFixed the \u0026quot;allow Claude to edit its own settings for this session\u0026quot; permission option not sticking for users with \u003ccode\u003eEdit(.claude)\u003c/code\u003e allow rules\u003c/li\u003e\n\u003cli\u003eFixed a hang when generating attachment snippets for large edited files\u003c/li\u003e\n\u003cli\u003eFixed MCP tool/resource cache leak on server reconnect\u003c/li\u003e\n\u003cli\u003eFixed a startup performance issue where partial clone repositories (Scalar/GVFS) triggered mass blob downloads\u003c/li\u003e\n\u003cli\u003eFixed native terminal cursor not tracking the text input caret, so IME composition (CJK input) now renders inline and screen readers can follow the input position\u003c/li\u003e\n\u003cli\u003eFixed spurious \u0026quot;Not logged in\u0026quot; errors on macOS caused by transient keychain read failures\u003c/li\u003e\n\u003cli\u003eFixed cold-start race where core tools could be deferred without their bypass active, causing Edit/Write to fail with InputValidationError on typed parameters\u003c/li\u003e\n\u003cli\u003eImproved detection for dangerous removals of Windows drive roots (\u003ccode\u003eC:\\\u003c/code\u003e, \u003ccode\u003eC:\\Windows\u003c/code\u003e, etc.)\u003c/li\u003e\n\u003cli\u003eImproved interactive startup by ~30ms by running \u003ccode\u003esetup()\u003c/code\u003e in parallel with slash command and agent loading\u003c/li\u003e\n\u003cli\u003eImproved startup for \u003ccode\u003eclaude \u0026quot;prompt\u0026quot;\u003c/code\u003e with MCP servers — the REPL now renders immediately instead of blocking until all servers connect\u003c/li\u003e\n\u003cli\u003eImproved Remote Control to show a specific reason when blocked instead of a generic \u0026quot;not yet enabled\u0026quot; message\u003c/li\u003e\n\u003cli\u003eImproved p90 prompt cache rate\u003c/li\u003e\n\u003cli\u003eReduced scroll-to-top resets in long sessions by making the message window immune to compaction and grouping changes\u003c/li\u003e\n\u003cli\u003eReduced terminal flickering when animated tool progress scrolls above the viewport\u003c/li\u003e\n\u003cli\u003eChanged issue/PR references to only become clickable links when written as \u003ccode\u003eowner/repo#123\u003c/code\u003e — bare \u003ccode\u003e[#123](https://github.com/anthropics/claude-code/issues/123)\u003c/code\u003e is no longer auto-linked\u003c/li\u003e\n\u003cli\u003eSlash commands unavailable for the current auth setup (\u003ccode\u003e/voice\u003c/code\u003e, \u003ccode\u003e/mobile\u003c/code\u003e, \u003ccode\u003e/chrome\u003c/code\u003e, \u003ccode\u003e/upgrade\u003c/code\u003e, etc.) are now hidden instead of shown\u003c/li\u003e\n\u003cli\u003e[VSCode] Added rate limit warning banner with usage percentage and reset time\u003c/li\u003e\n\u003cli\u003eStats screenshot (Ctrl+S in /stats) now works in all builds and is 16× faster\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.83\u003c/h2\u003e\n\u003ch2\u003eWhat's changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003emanaged-settings.d/\u003c/code\u003e drop-in directory alongside \u003ccode\u003emanaged-settings.json\u003c/code\u003e, letting separate teams deploy independent policy fragments that merge alphabetically\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCwdChanged\u003c/code\u003e and \u003ccode\u003eFileChanged\u003c/code\u003e hook events for reactive environment management (e.g., direnv)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esandbox.failIfUnavailable\u003c/code\u003e setting to exit with an error when sandbox is enabled but cannot start, instead of running unsandboxed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/claude-code's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.84\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded PowerShell tool for Windows as an opt-in preview. Learn more at \u003ca href=\"https://code.claude.com/docs/en/tools-reference#powershell-tool\"\u003ehttps://code.claude.com/docs/en/tools-reference#powershell-tool\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eANTHROPIC_DEFAULT_{OPUS,SONNET,HAIKU}_MODEL_SUPPORTS\u003c/code\u003e env vars to override effort/thinking capability detection for pinned default models for 3p (Bedrock, Vertex, Foundry), and \u003ccode\u003e_MODEL_NAME\u003c/code\u003e/\u003ccode\u003e_DESCRIPTION\u003c/code\u003e to customize the \u003ccode\u003e/model\u003c/code\u003e picker label\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCLAUDE_STREAM_IDLE_TIMEOUT_MS\u003c/code\u003e env var to configure the streaming idle watchdog threshold (default 90s)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eTaskCreated\u003c/code\u003e hook that fires when a task is created via \u003ccode\u003eTaskCreate\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWorktreeCreate\u003c/code\u003e hook support for \u003ccode\u003etype: \u0026quot;http\u0026quot;\u003c/code\u003e — return the created worktree path via \u003ccode\u003ehookSpecificOutput.worktreePath\u003c/code\u003e in the response JSON\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eallowedChannelPlugins\u003c/code\u003e managed setting for team/enterprise admins to define a channel plugin allowlist\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ex-client-request-id\u003c/code\u003e header to API requests for debugging timeouts\u003c/li\u003e\n\u003cli\u003eAdded idle-return prompt that nudges users returning after 75+ minutes to \u003ccode\u003e/clear\u003c/code\u003e, reducing unnecessary token re-caching on stale sessions\u003c/li\u003e\n\u003cli\u003eDeep links (\u003ccode\u003eclaude-cli://\u003c/code\u003e) now open in your preferred terminal instead of whichever terminal happens to be first in the detection list\u003c/li\u003e\n\u003cli\u003eRules and skills \u003ccode\u003epaths:\u003c/code\u003e frontmatter now accepts a YAML list of globs\u003c/li\u003e\n\u003cli\u003eMCP tool descriptions and server instructions are now capped at 2KB to prevent OpenAPI-generated servers from bloating context\u003c/li\u003e\n\u003cli\u003eMCP servers configured both locally and via claude.ai connectors are now deduplicated — the local config wins\u003c/li\u003e\n\u003cli\u003eBackground bash tasks that appear stuck on an interactive prompt now surface a notification after ~45 seconds\u003c/li\u003e\n\u003cli\u003eToken counts ≥1M now display as \u0026quot;1.5m\u0026quot; instead of \u0026quot;1512.6k\u0026quot;\u003c/li\u003e\n\u003cli\u003eGlobal system-prompt caching now works when \u003ccode\u003eToolSearch\u003c/code\u003e is enabled, including for users with MCP tools configured\u003c/li\u003e\n\u003cli\u003eFixed voice push-to-talk: holding the voice key no longer leaks characters into the text input, and transcripts now insert at the correct position\u003c/li\u003e\n\u003cli\u003eFixed up/down arrow keys being unresponsive when a footer item is focused\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCtrl+U\u003c/code\u003e (kill-to-line-start) being a no-op at line boundaries in multiline input, so repeated \u003ccode\u003eCtrl+U\u003c/code\u003e now clears across lines\u003c/li\u003e\n\u003cli\u003eFixed null-unbinding a default chord binding (e.g. \u003ccode\u003e\u0026quot;ctrl+x ctrl+k\u0026quot;: null\u003c/code\u003e) still entering chord-wait mode instead of freeing the prefix key\u003c/li\u003e\n\u003cli\u003eFixed mouse events inserting literal \u0026quot;mouse\u0026quot; text into transcript search input\u003c/li\u003e\n\u003cli\u003eFixed workflow subagents failing with API 400 when the outer session uses \u003ccode\u003e--json-schema\u003c/code\u003e and the subagent also specifies a schema\u003c/li\u003e\n\u003cli\u003eFixed missing background color behind certain emoji in user message bubbles on some terminals\u003c/li\u003e\n\u003cli\u003eFixed the \u0026quot;allow Claude to edit its own settings for this session\u0026quot; permission option not sticking for users with \u003ccode\u003eEdit(.claude)\u003c/code\u003e allow rules\u003c/li\u003e\n\u003cli\u003eFixed a hang when generating attachment snippets for large edited files\u003c/li\u003e\n\u003cli\u003eFixed MCP tool/resource cache leak on server reconnect\u003c/li\u003e\n\u003cli\u003eFixed a startup performance issue where partial clone repositories (Scalar/GVFS) triggered mass blob downloads\u003c/li\u003e\n\u003cli\u003eFixed native terminal cursor not tracking the text input caret, so IME composition (CJK input) now renders inline and screen readers can follow the input position\u003c/li\u003e\n\u003cli\u003eFixed spurious \u0026quot;Not logged in\u0026quot; errors on macOS caused by transient keychain read failures\u003c/li\u003e\n\u003cli\u003eFixed cold-start race where core tools could be deferred without their bypass active, causing Edit/Write to fail with InputValidationError on typed parameters\u003c/li\u003e\n\u003cli\u003eImproved detection for dangerous removals of Windows drive roots (\u003ccode\u003eC:\\\u003c/code\u003e, \u003ccode\u003eC:\\Windows\u003c/code\u003e, etc.)\u003c/li\u003e\n\u003cli\u003eImproved interactive startup by ~30ms by running \u003ccode\u003esetup()\u003c/code\u003e in parallel with slash command and agent loading\u003c/li\u003e\n\u003cli\u003eImproved startup for \u003ccode\u003eclaude \u0026quot;prompt\u0026quot;\u003c/code\u003e with MCP servers — the REPL now renders immediately instead of blocking until all servers connect\u003c/li\u003e\n\u003cli\u003eImproved Remote Control to show a specific reason when blocked instead of a generic \u0026quot;not yet enabled\u0026quot; message\u003c/li\u003e\n\u003cli\u003eImproved p90 prompt cache rate\u003c/li\u003e\n\u003cli\u003eReduced scroll-to-top resets in long sessions by making the message window immune to compaction and grouping changes\u003c/li\u003e\n\u003cli\u003eReduced terminal flickering when animated tool progress scrolls above the viewport\u003c/li\u003e\n\u003cli\u003eChanged issue/PR references to only become clickable links when written as \u003ccode\u003eowner/repo#123\u003c/code\u003e — bare \u003ccode\u003e[#123](https://github.com/anthropics/claude-code/issues/123)\u003c/code\u003e is no longer auto-linked\u003c/li\u003e\n\u003cli\u003eSlash commands unavailable for the current auth setup (\u003ccode\u003e/voice\u003c/code\u003e, \u003ccode\u003e/mobile\u003c/code\u003e, \u003ccode\u003e/chrome\u003c/code\u003e, \u003ccode\u003e/upgrade\u003c/code\u003e, etc.) are now hidden instead of shown\u003c/li\u003e\n\u003cli\u003e[VSCode] Added rate limit warning banner with usage percentage and reset time\u003c/li\u003e\n\u003cli\u003eStats screenshot (Ctrl+S in /stats) now works in all builds and is 16× faster\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.83\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003emanaged-settings.d/\u003c/code\u003e drop-in directory alongside \u003ccode\u003emanaged-settings.json\u003c/code\u003e, letting separate teams deploy independent policy fragments that merge alphabetically\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCwdChanged\u003c/code\u003e and \u003ccode\u003eFileChanged\u003c/code\u003e hook events for reactive environment management (e.g., direnv)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003esandbox.failIfUnavailable\u003c/code\u003e setting to exit with an error when sandbox is enabled but cannot start, instead of running unsandboxed\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003edisableDeepLinkRegistration\u003c/code\u003e setting to prevent \u003ccode\u003eclaude-cli://\u003c/code\u003e protocol handler registration\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eCLAUDE_CODE_SUBPROCESS_ENV_SCRUB=1\u003c/code\u003e to strip Anthropic and cloud provider credentials from subprocess environments (Bash tool, hooks, MCP stdio servers)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/anthropics/claude-code/commits/v2.1.84\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.9 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.9...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.19.2 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(globals): Stop overwriting global.fetch by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/295\"\u003ehonojs/node-server#295\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.8...v1.19.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add guide for listening to UNIX domain socket by \u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serve-static): Use Readable.toWeb in serveStatic by \u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TransparentLC\"\u003e\u003ccode\u003e@​TransparentLC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/292\"\u003ehonojs/node-server#292\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/otya128\"\u003e\u003ccode\u003e@​otya128\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/293\"\u003ehonojs/node-server#293\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.7...v1.19.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Fix for hono issue 4563 - incorrect content-length after following symlink by \u003ca href=\"https://github.com/tshmieldev\"\u003e\u003ccode\u003e@​tshmieldev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/290\"\u003ehonojs/node-server#290\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/455015be1697dd89974a68b70350ea7b2d126d2e\"\u003e\u003ccode\u003e455015b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cc05c48d8eb34007d5d5ff3861ea554721387041\"\u003e\u003ccode\u003ecc05c48\u003c/code\u003e\u003c/a\u003e chore: add benchmark for comparing with npm and local (dev) (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/305\"\u003e#305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.2...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `hono` from 4.9.7 to 4.12.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/hono/releases\"\u003ehono's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.12.21\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cp\u003eThis release includes fixes for the following security issues:\u003c/p\u003e\n\u003ch3\u003eapp.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003eapp.mount()\u003c/code\u003e. Fixes prefix stripping using the raw URL pathname instead of the decoded path, where percent-encoded characters in the mount prefix or path could cause the prefix to be removed at the wrong position, resulting in the sub-application receiving an incorrect path. GHSA-2gcr-mfcq-wcc3\u003c/p\u003e\n\u003ch3\u003eIP Restriction bypasses static deny rules for non-canonical IPv6\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/ip-restriction\u003c/code\u003e. Fixes IP address comparison using string equality, where non-canonical IPv6 representations of a denied address — such as compressed forms or hex-notation IPv4-mapped addresses — could bypass static deny rules. GHSA-xrhx-7g5j-rcj5\u003c/p\u003e\n\u003ch3\u003eCookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/cookie\u003c/code\u003e. Fixes missing validation of \u003ccode\u003esameSite\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e options against injection characters (\u003ccode\u003e;\u003c/code\u003e, \u003ccode\u003e\\r\u003c/code\u003e, \u003ccode\u003e\\n\u003c/code\u003e), where user-controlled input passed to either option could inject additional attributes into the Set-Cookie response header. GHSA-3hrh-pfw6-9m5x\u003c/p\u003e\n\u003ch3\u003eJWT middleware accepts any Authorization scheme, not only Bearer\u003c/h3\u003e\n\u003cp\u003eAffects: \u003ccode\u003ehono/jwt\u003c/code\u003e, \u003ccode\u003ehono/jwk\u003c/code\u003e. Fixes missing scheme validation in the Authorization header, where any two-part header value was accepted regardless of the scheme name, allowing non-Bearer schemes to pass JWT authentication. GHSA-f577-qrjj-4474\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eUsers who use \u003ccode\u003eapp.mount()\u003c/code\u003e, \u003ccode\u003ehono/ip-restriction\u003c/code\u003e, \u003ccode\u003ehono/cookie\u003c/code\u003e, or \u003ccode\u003ehono/jwt\u003c/code\u003e/\u003ccode\u003ehono/jwk\u003c/code\u003e are encouraged to upgrade to this version.\u003c/p\u003e\n\u003ch2\u003ev4.12.20\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(route): preserve the base path of the mounted route() app by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4942\"\u003ehonojs/hono#4942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(jsx): widen jsx and jsxFn children to Child[] by \u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ashunar0\"\u003e\u003ccode\u003e@​ashunar0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4947\"\u003ehonojs/hono#4947\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.19...v4.12.20\"\u003ehttps://github.com/honojs/hono/compare/v4.12.19...v4.12.20\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.12.19\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: pin GitHub Actions to SHAs by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4932\"\u003ehonojs/hono#4932\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(serveStatic): make options parameter optional in all adapters by \u003ca href=\"https://github.com/mixelburg\"\u003e\u003ccode\u003e@​mixelburg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4934\"\u003ehonojs/hono#4934\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(cookie): return the first cookie when there are multiple cookies with the same name by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4922\"\u003ehonojs/hono#4922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(bearer-auth): make bearerAuth generic for typed context in verifyToken by \u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(cache): key cache entries by configured vary headers by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4915\"\u003ehonojs/hono#4915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(request): add \u003ccode\u003ebytes()\u003c/code\u003e by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4921\"\u003ehonojs/hono#4921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stream): upgrade \u003ccode\u003e@hono/node-server\u003c/code\u003e to v2 and fix abort handling by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4940\"\u003ehonojs/hono#4940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/justinnais\"\u003e\u003ccode\u003e@​justinnais\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/honojs/hono/pull/4913\"\u003ehonojs/hono#4913\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/hono/compare/v4.12.18...v4.12.19\"\u003ehttps://github.com/honojs/hono/compare/v4.12.18...v4.12.19\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/a83ddb882e0c0b8c336050dba087bb2e1b12488e\"\u003e\u003ccode\u003ea83ddb8\u003c/code\u003e\u003c/a\u003e 4.12.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/6cbb025ff87fca1a3d00d0ccca0eaf3a6385c3f1\"\u003e\u003ccode\u003e6cbb025\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c831020fb1fa2e929d222f6c84e1abfe013e512b\"\u003e\u003ccode\u003ec831020\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/905aedbc20661e0e2fa378783a7ec44a5c3df43d\"\u003e\u003ccode\u003e905aedb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/5463db2735476959b8af67756f4e513f4fe19115\"\u003e\u003ccode\u003e5463db2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/c657a39ccc8d3194d345d9e82c8587bd25b5b6e8\"\u003e\u003ccode\u003ec657a39\u003c/code\u003e\u003c/a\u003e 4.12.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/eb2d0c238adbcee5933d0f8c15f1a65a88f50565\"\u003e\u003ccode\u003eeb2d0c2\u003c/code\u003e\u003c/a\u003e fix(jsx): widen jsx and jsxFn children to Child[] (\u003ca href=\"https://redirect.github.com/honojs/hono/issues/4947\"\u003e#4947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/hono/commit/dcabbece347817ef7193439c39d28546b...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across the monorepo for security fixes and stability. Highlights include `@modelcontextprotocol/sdk@1.26`, `hono`/`@hono/node-server`, `esbuild@0.28`, `ws@8.20`, `uuid@14`, and web tooling updates (`react-router`, `vite`).\n\n- **Dependencies**\n  - `@modelcontextprotocol/sdk@1.26` fixes a cross-client response leak and updates auth/schema handling.\n  - `esbuild@0.28` patches dev-server path traversal and adds integrity checks.\n  - `ws@8.20.1` fixes an uninitialized memory disclosure in `websocket.close()`.\n  - `hono@4.12.21` and `@hono/node-server` include multiple security fixes; server package targets `@hono/node-server@2.x`.\n  - `uuid@14` drops Node 18 and expects a global `crypto` (requires Node 20+).\n  - Web stack bumps: `react-router` 7.15, `@react-router/node` 7.9.4, `vite` 6.4.2.\n\n- **Migration**\n  - Ensure Node 20+ in dev, CI, and production (required by `uuid@14`).\n  - After update: clean install and rebuild (e.g., `rm -rf node_modules \u0026\u0026 yarn \u0026\u0026 yarn build`) and verify server startup and streaming paths with the new `@hono/node-server`.\n\n\u003csup\u003eWritten for commit b739c6d9b91dfb42cfc480d747bb5e6072cea929. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/Prekzursil/mcp-funnel/pull/5?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Prekzursil/mcp-funnel/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prekzursil%2Fmcp-funnel/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"8.17.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-14T05:12:21.000Z","version_change":"8.17.1 → 8.18.0","issue":{"uuid":"4658002667","node_id":"PR_kwDOQBu2287mL2Vh","number":15,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-14T05:12:21.000Z","updated_at":"2026-06-14T05:13:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"esbuild","old_version":"0.25.6","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"3.2.4","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"glob","old_version":"10.4.5","new_version":"13.0.6","repository_url":"https://github.com/isaacs/node-glob"},{"name":"glob","old_version":"11.0.3","new_version":"11.1.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"tar","old_version":"7.5.1","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@modelcontextprotocol/sdk","old_version":"1.15.1","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"undici","old_version":"7.15.0","new_version":"7.27.2","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"jws","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.6` | `0.28.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `4.1.8` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `13.0.6` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.3` | `11.1.0` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.1` | `7.5.16` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.15.1` | `1.29.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [undici](https://github.com/nodejs/undici) | `7.15.0` | `7.27.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff).\nBumps the npm_and_yarn group with 1 update in the /packages/vscode-ide-companion directory: [esbuild](https://github.com/evanw/esbuild).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.6 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.6...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 13.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.3 to 11.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.1 to 7.5.16\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/cf213384ac558b539c07c830ed7cca5ffc9e8550\"\u003e\u003ccode\u003ecf21338\u003c/code\u003e\u003c/a\u003e 7.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/21a822027658c8063542be330530bbecdf0dbbfe\"\u003e\u003ccode\u003e21a8220\u003c/code\u003e\u003c/a\u003e do not apply PAX header fields to meta entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/52632cf38fdbdbbc7ab86184d68a85b11fdb0970\"\u003e\u003ccode\u003e52632cf\u003c/code\u003e\u003c/a\u003e update project deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/302f51ff3f8eefeccc06be4caf7d0de9b7c321d7\"\u003e\u003ccode\u003e302f51f\u003c/code\u003e\u003c/a\u003e fix inconsequential typo in PENDINGLINKS symbol name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/55dbb99b27640bb12b2ac059b26883c23523b3e3\"\u003e\u003ccode\u003e55dbb99\u003c/code\u003e\u003c/a\u003e remove some uses of mutate-fs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.1...v7.5.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.15.1 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to...\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/gemini-cli/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fgemini-cli/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"8.17.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-13T20:37:36.000Z","version_change":"8.17.1 → 8.18.0","issue":{"uuid":"4656868486","node_id":"PR_kwDOQ5tu8c7mIfeM","number":23,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T05:14:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-13T20:37:36.000Z","updated_at":"2026-06-14T05:14:40.000Z","time_to_close":31022,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"esbuild","old_version":"0.25.6","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"1.6.1","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"tar","old_version":"7.5.2","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@modelcontextprotocol/sdk","old_version":"1.23.0","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"undici","old_version":"7.15.0","new_version":"7.27.2","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"vite","old_version":"7.2.2","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"@isaacs/brace-expansion","old_version":"5.0.0","new_version":"5.0.1"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"jws","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"rollup","old_version":"4.53.2","new_version":"4.62.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 21 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.6` | `0.28.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.1` | `3.2.6` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.2` | `7.5.11` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.23.0` | `1.29.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [undici](https://github.com/nodejs/undici) | `7.15.0` | `7.27.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.2.2` | `7.3.2` |\n| @isaacs/brace-expansion | `5.0.0` | `5.0.1` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [rollup](https://github.com/rollup/rollup) | `4.53.2` | `4.62.0` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.6 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.6...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 1.6.1 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse correct path for optimisation of strip-literal  -  by \u003ca href=\"https://github.com/mrginglymus\"\u003e\u003ccode\u003e@​mrginglymus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8139\"\u003evitest-dev/vitest#8139\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/44940d9dd\"\u003e\u003c!-- raw HTML omitted --\u003e(44940)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrint uint and buffer as a simple string  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8141\"\u003evitest-dev/vitest#8141\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b86bf0d99\"\u003e\u003c!-- raw HTML omitted --\u003e(b86bf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eShow a helpful error when spying on an export  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8178\"\u003evitest-dev/vitest#8178\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5600772c2\"\u003e\u003c!-- raw HTML omitted --\u003e(56007)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evitest run --watch\u003c/code\u003e should be watch-mode  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8128\"\u003evitest-dev/vitest#8128\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/657e83f9f\"\u003e\u003c!-- raw HTML omitted --\u003e(657e8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse absolute path environment on Windows  -  by \u003ca href=\"https://github.com/colinaaa\"\u003e\u003ccode\u003e@​colinaaa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8105\"\u003evitest-dev/vitest#8105\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/85dc0195f\"\u003e\u003c!-- raw HTML omitted --\u003e(85dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThrow error when \u003ccode\u003e--shard x/\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8112\"\u003evitest-dev/vitest#8112\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20\"\u003e\u003c!-- raw HTML omitted --\u003e(8a18c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eIgnore SCSS in browser mode  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8161\"\u003evitest-dev/vitest#8161\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f63\"\u003e\u003c!-- raw HTML omitted --\u003e(0c3be)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eUpdate all non-major dependencies  -  in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8123\"\u003evitest-dev/vitest#8123\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e4\"\u003e\u003c!-- raw HTML omitted --\u003e(93f32)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexpect\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eHandle async errors in expect.soft  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8145\"\u003evitest-dev/vitest#8145\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/686996912\"\u003e\u003c!-- raw HTML omitted --\u003e(68699)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epool\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAuto-adjust \u003ccode\u003eminWorkers\u003c/code\u003e when only \u003ccode\u003emaxWorkers\u003c/code\u003e specified  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8110\"\u003evitest-dev/vitest#8110\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/14dc0724f\"\u003e\u003c!-- raw HTML omitted --\u003e(14dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereporter\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etask.meta\u003c/code\u003e should be available in custom reporter's errors  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8115\"\u003evitest-dev/vitest#8115\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/27df68a0e\"\u003e\u003c!-- raw HTML omitted --\u003e(27df6)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003ePreserve handler wrapping on extend  -  by \u003ca href=\"https://github.com/pengooseDev\"\u003e\u003ccode\u003e@​pengooseDev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8153\"\u003evitest-dev/vitest#8153\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a92812b70\"\u003e\u003c!-- raw HTML omitted --\u003e(a9281)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eEnsure ui config option works correctly  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8147\"\u003evitest-dev/vitest#8147\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/42eeb2ee6\"\u003e\u003c!-- raw HTML omitted --\u003e(42eeb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.3...v3.2.4\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.3\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Use base url instead of \u003cstrong\u003evitest\u003c/strong\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8126\"\u003evitest-dev/vitest#8126\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d8ebf9ae\"\u003e\u003c!-- raw HTML omitted --\u003e(1d8eb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c666d149a4516761bae92ca56ce1336d2fd352c3\"\u003e\u003ccode\u003ec666d14\u003c/code\u003e\u003c/a\u003e chore: release v3.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20a19f2c8d9f402e426886999f378c389\"\u003e\u003ccode\u003e8a18c8e\u003c/code\u003e\u003c/a\u003e fix(cli): throw error when \u003ccode\u003e--shard x/\\\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8abd7cc6fff5fa47d899b5f5383f526d2fdef784\"\u003e\u003ccode\u003e8abd7cc\u003c/code\u003e\u003c/a\u003e chore(deps): update \u003ccode\u003etinypool\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8174\"\u003e#8174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e452874ed4e2d018718bbbde7ebd28590\"\u003e\u003ccode\u003e93f3200\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8123\"\u003e#8123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f637d65ef47f2fcf2ccd637f1ecc9d1786\"\u003e\u003ccode\u003e0c3be6f\u003c/code\u003e\u003c/a\u003e fix(coverage): ignore SCSS in browser mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8161\"\u003e#8161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.2 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.23.0 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.29.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1820\"\u003emodelcontextprotocol/typescript-sdk#1820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e12cbd7078db388152f6e839abdbe09ba01f3f32\"\u003e\u003ccode\u003ee12cbd7\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.29.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1820\"\u003e#1820\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/3913fd4443a86536155e3ebef9edd2045c372c1e\"\u003e\u003ccode\u003e3913fd4\u003c/code\u003e\u003c/a\u003e fix(stdio): always set windowsHide on Windows, not just in Electron (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1640\"\u003e#1640\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5608e78dd0d4ca6cd7dd03278419578f1780365a\"\u003e\u003ccode\u003e5608e78\u003c/code\u003e\u003c/a\u003e [v1.x backport] Allow servers / clients to advertise extensions in the capabi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/7213816788e634ffb9d09affe50f0295093bfb73\"\u003e\u003ccode\u003e7213816\u003c/code\u003e\u003c/a\u003e v1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/364f38ca2d8895aed7c37b7a0a1031bb7ae4841c\"\u003e\u003ccode\u003e364f38c\u003c/code\u003e\u003c/a\u003e v1.x npm audit fix (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1780\"\u003e#1780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c95cc0943b045517e4cc414baf1f168b216c3142\"\u003e\u003ccode\u003ec95cc09\u003c/code\u003e\u003c/a\u003e Add typings exports (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/ddadaa6cc633fb5db0c094bf031b15b68a357820\"\u003e\u003ccode\u003eddadaa6\u003c/code\u003e\u003c/a\u003e [v1.x] fix: add missing size field to ResourceSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1575\"\u003e#1575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2a158513028d9f862c4188b6957e78cd5663f26b\"\u003e\u003ccode\u003e2a15851\u003c/code\u003e\u003c/a\u003e [v1.x] fix: disallow null (infinite) requested TTL (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1339\"\u003e#1339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/13e30f1d36de8442417fec695983bdb155c00768\"\u003e\u003ccode\u003e13e30f1\u003c/code\u003e\u003c/a\u003e fix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.23.0...v1.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/is...\n\n_Description has been truncated_","html_url":"https://github.com/cosmiccareer/terminai/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cosmiccareer%2Fterminai/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}},{"old_version":"8.17.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-13T20:37:29.000Z","version_change":"8.17.1 → 8.18.0","issue":{"uuid":"4656868166","node_id":"PR_kwDOQ8daQ87mIfaP","number":9,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T20:37:29.000Z","updated_at":"2026-06-13T20:38:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"esbuild","old_version":"0.25.6","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"vitest","old_version":"1.6.1","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"@modelcontextprotocol/sdk","old_version":"1.25.1","new_version":"1.26.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"tar","old_version":"7.5.2","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"6.22.0","new_version":"6.24.0","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"markdown-it","old_version":"14.1.0","new_version":"14.1.1","repository_url":"https://github.com/markdown-it/markdown-it"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"rollup","old_version":"4.44.0","new_version":"4.62.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [esbuild](https://github.com/evanw/esbuild) | `0.25.6` | `0.28.1` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.1` | `3.2.6` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.25.1` | `1.26.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.2` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `6.22.0` | `6.24.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `14.1.0` | `14.1.1` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.6` | `8.5.15` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [rollup](https://github.com/rollup/rollup) | `4.44.0` | `4.62.0` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 2 updates in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff) and [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 2 updates in the /packages/sdk-typescript directory: [esbuild](https://github.com/evanw/esbuild) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.6 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2025\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2025 (versions 0.25.0 through 0.27.2).\u003c/p\u003e\n\u003ch2\u003e0.27.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4361\"\u003e#4361\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously the specification for \u003ccode\u003epackage.json\u003c/code\u003e disallowed import path specifiers starting with \u003ccode\u003e#/\u003c/code\u003e, but this restriction \u003ca href=\"https://redirect.github.com/nodejs/node/pull/60864\"\u003ehas recently been relaxed\u003c/a\u003e and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping \u003ccode\u003e#/*\u003c/code\u003e to \u003ccode\u003e./src/*\u003c/code\u003e (previously you had to use another character such as \u003ccode\u003e#_*\u003c/code\u003e instead, which was more confusing). There is some more context in \u003ca href=\"https://redirect.github.com/nodejs/node/issues/49182\"\u003enodejs/node#49182\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/hybrist\"\u003e\u003ccode\u003e@​hybrist\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAutomatically add the \u003ccode\u003e-webkit-mask\u003c/code\u003e prefix (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4357\"\u003e#4357\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4358\"\u003e#4358\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release automatically adds the \u003ccode\u003e-webkit-\u003c/code\u003e vendor prefix for the \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties/mask\"\u003e\u003ccode\u003emask\u003c/code\u003e\u003c/a\u003e CSS shorthand property:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\nmain {\n  mask: url(x.png) center/5rem no-repeat\n}\n\u003cp\u003e/* Old output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003c/p\u003e\n\u003cp\u003e/* New output (with --target=chrome110) */\u003cbr /\u003e\nmain {\u003cbr /\u003e\n-webkit-mask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\nmask: url(x.png) center/5rem no-repeat;\u003cbr /\u003e\n}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThis change was contributed by \u003ca href=\"https://github.com/BPJEnnova\"\u003e\u003ccode\u003e@​BPJEnnova\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdditional minification of \u003ccode\u003eswitch\u003c/code\u003e statements (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4176\"\u003e#4176\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4359\"\u003e#4359\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains additional minification patterns for reducing \u003ccode\u003eswitch\u003c/code\u003e statements. Here is an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nswitch (x) {\n  case 0:\n    foo()\n    break\n  case 1:\n  default:\n    bar()\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.25.6...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 1.6.1 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.4\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse correct path for optimisation of strip-literal  -  by \u003ca href=\"https://github.com/mrginglymus\"\u003e\u003ccode\u003e@​mrginglymus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8139\"\u003evitest-dev/vitest#8139\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/44940d9dd\"\u003e\u003c!-- raw HTML omitted --\u003e(44940)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrint uint and buffer as a simple string  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8141\"\u003evitest-dev/vitest#8141\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/b86bf0d99\"\u003e\u003c!-- raw HTML omitted --\u003e(b86bf)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eShow a helpful error when spying on an export  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8178\"\u003evitest-dev/vitest#8178\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/5600772c2\"\u003e\u003c!-- raw HTML omitted --\u003e(56007)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evitest run --watch\u003c/code\u003e should be watch-mode  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8128\"\u003evitest-dev/vitest#8128\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/657e83f9f\"\u003e\u003c!-- raw HTML omitted --\u003e(657e8)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse absolute path environment on Windows  -  by \u003ca href=\"https://github.com/colinaaa\"\u003e\u003ccode\u003e@​colinaaa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8105\"\u003evitest-dev/vitest#8105\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/85dc0195f\"\u003e\u003c!-- raw HTML omitted --\u003e(85dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThrow error when \u003ccode\u003e--shard x/\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8112\"\u003evitest-dev/vitest#8112\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20\"\u003e\u003c!-- raw HTML omitted --\u003e(8a18c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eIgnore SCSS in browser mode  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8161\"\u003evitest-dev/vitest#8161\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f63\"\u003e\u003c!-- raw HTML omitted --\u003e(0c3be)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eUpdate all non-major dependencies  -  in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8123\"\u003evitest-dev/vitest#8123\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e4\"\u003e\u003c!-- raw HTML omitted --\u003e(93f32)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eexpect\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eHandle async errors in expect.soft  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8145\"\u003evitest-dev/vitest#8145\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/686996912\"\u003e\u003c!-- raw HTML omitted --\u003e(68699)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epool\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eAuto-adjust \u003ccode\u003eminWorkers\u003c/code\u003e when only \u003ccode\u003emaxWorkers\u003c/code\u003e specified  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8110\"\u003evitest-dev/vitest#8110\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/14dc0724f\"\u003e\u003c!-- raw HTML omitted --\u003e(14dc0)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereporter\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etask.meta\u003c/code\u003e should be available in custom reporter's errors  -  by \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8115\"\u003evitest-dev/vitest#8115\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/27df68a0e\"\u003e\u003c!-- raw HTML omitted --\u003e(27df6)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003ePreserve handler wrapping on extend  -  by \u003ca href=\"https://github.com/pengooseDev\"\u003e\u003ccode\u003e@​pengooseDev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8153\"\u003evitest-dev/vitest#8153\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/a92812b70\"\u003e\u003c!-- raw HTML omitted --\u003e(a9281)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eEnsure ui config option works correctly  -  by \u003ca href=\"https://github.com/lzl0304\"\u003e\u003ccode\u003e@​lzl0304\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8147\"\u003evitest-dev/vitest#8147\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/42eeb2ee6\"\u003e\u003c!-- raw HTML omitted --\u003e(42eeb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.3...v3.2.4\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.3\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Use base url instead of \u003cstrong\u003evitest\u003c/strong\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8126\"\u003evitest-dev/vitest#8126\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1d8ebf9ae\"\u003e\u003c!-- raw HTML omitted --\u003e(1d8eb)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/c666d149a4516761bae92ca56ce1336d2fd352c3\"\u003e\u003ccode\u003ec666d14\u003c/code\u003e\u003c/a\u003e chore: release v3.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8a18c8e20a19f2c8d9f402e426886999f378c389\"\u003e\u003ccode\u003e8a18c8e\u003c/code\u003e\u003c/a\u003e fix(cli): throw error when \u003ccode\u003e--shard x/\\\u0026lt;count\u0026gt;\u003c/code\u003e exceeds count of test files (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/8abd7cc6fff5fa47d899b5f5383f526d2fdef784\"\u003e\u003ccode\u003e8abd7cc\u003c/code\u003e\u003c/a\u003e chore(deps): update \u003ccode\u003etinypool\u003c/code\u003e (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8174\"\u003e#8174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/93f3200e452874ed4e2d018718bbbde7ebd28590\"\u003e\u003ccode\u003e93f3200\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8123\"\u003e#8123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/0c3be6f637d65ef47f2fcf2ccd637f1ecc9d1786\"\u003e\u003ccode\u003e0c3be6f\u003c/code\u003e\u003c/a\u003e fix(coverage): ignore SCSS in browser mode (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8161\"\u003e#8161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.25.1 to 1.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: trigger workflow on v1.x branch by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1319\"\u003emodelcontextprotocol/typescript-sdk#1319\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: README badges links destinations by \u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1365\"\u003emodelcontextprotocol/typescript-sdk#1365\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antonpk1\"\u003e\u003ccode\u003e@​antonpk1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/907\"\u003emodelcontextprotocol/typescript-sdk#907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.25.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/fe9c07b465871394c7069207c86513df9c1194a4\"\u003e\u003ccode\u003efe9c07b\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.26.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4f01e7e0708e1a85ccc7dbf39e850005f2d9ff03\"\u003e\u003ccode\u003e4f01e7e\u003c/code\u003e\u003c/a\u003e fix: add non-null assertions for optional setupServer fields in stateful test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a05be176cabeae1f933b676e3ce024bf02e2314d\"\u003e\u003ccode\u003ea05be17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/50d9fa3cd12e807e7963bcb9e1548786d3d5d941\"\u003e\u003ccode\u003e50d9fa3\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1442\"\u003e#1442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/aa81a66556fb4434d8a6d1b70f7ac9fc40b5d325\"\u003e\u003ccode\u003eaa81a66\u003c/code\u003e\u003c/a\u003e fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6aba0659654e1ff0699844524595922a61e44cb9\"\u003e\u003ccode\u003e6aba065\u003c/code\u003e\u003c/a\u003e chore: bump v1.25.3 for backport fixes (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1412\"\u003e#1412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6e8f7e1a43a819ae230373c62b82228dafd892c6\"\u003e\u003ccode\u003e6e8f7e1\u003c/code\u003e\u003c/a\u003e fix: prevent Hono from overriding global Response object (v1.x) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1411\"\u003e#1411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/12ae856cee6ca58499cce24e80f650e78a0c7610\"\u003e\u003ccode\u003e12ae856\u003c/code\u003e\u003c/a\u003e [v1.x backport] Use correct schema for client sampling validation when tools ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3\"\u003e\u003ccode\u003eb392f02\u003c/code\u003e\u003c/a\u003e fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1365\"\u003e#1365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0c9b13484748acab9e5dc8317a7e89c06b52e37\"\u003e\u003ccode\u003ea0c9b13\u003c/code\u003e\u003c/a\u003e fix: README badges links destinations (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/907\"\u003e#907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.25.1...v1.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/6fc2aa6b7672af08774b50aae00d97b99c5b5715\"\u003e\u003ccode\u003e6fc2aa6\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/af7393ac3404565dc8da655c2e7aeeed28c01ff7\"\u003e\u003ccode\u003eaf7393a\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4b5d1800370bf29b61a3378fb8086aeb231d3ef7\"\u003e\u003ccode\u003e4b5d180\u003c/code\u003e\u003c/a\u003e Fix another bug in diffWords's \u0026quot;intlSegmenter\u0026quot; mode (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/10da50c466709e7bd4b192dac96af0af46f8b7bd\"\u003e\u003ccode\u003e10da50c\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/666\"\u003e#666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/7.0.0...v9.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shell-quote` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md\"\u003eshell-quote's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ev1.8.4\u003c/a\u003e - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes \u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/ljharb/shell-quote/commit/9f3caa31900cc6ee64858b31134144c648ce206d\"\u003e\u003ccode\u003e9f3caa3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/ljharb/shell-quote/commit/3344a047dd1e95f71c4ca27522cbfd05c56277e0\"\u003e\u003ccode\u003e3344a04\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/699c5113d135f4d4591574bebf173334ffa453d4\"\u003e\u003ccode\u003e699c511\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/ff166e2b63eb5f932bd131a8886a99e9afdf45ae\"\u003e\u003ccode\u003eff166e2\u003c/code\u003e\u003c/a\u003e v1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, `npmig...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/9f3caa31900cc6ee64858b31134144c648ce206d\"\u003e\u003ccode\u003e9f3caa3\u003c/code\u003e\u003c/a\u003e [Tests] increase coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/3344a047dd1e95f71c4ca27522cbfd05c56277e0\"\u003e\u003ccode\u003e3344a04\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/699c5113d135f4d4591574bebf173334ffa453d4\"\u003e\u003ccode\u003e699c511\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.2 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.22.0 to 6.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1527: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1527\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-2229: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-2229\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-2229\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1526: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1526\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1526\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/411bd01a42e7917009bbf686f7628b99d67bbce9\"\u003e\u003ccode\u003e411bd01\u003c/code\u003e\u003c/a\u003e test(websocket): use node:assert for Node 18 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/844bf59699d778944f78a24ae819c0e8f295766e\"\u003e\u003ccode\u003e844bf59\u003c/code\u003e\u003c/a\u003e test: fix http2 lint regressions in backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a444e4f13e8958b4e1ac42bc0d53ace7fba0a9c1\"\u003e\u003ccode\u003ea444e4f\u003c/code\u003e\u003c/a\u003e test: stabilize h2 and tls-cert-leak under current test runner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/dc032a1050d5489b8ce9b4c22aafba98a942f87b\"\u003e\u003ccode\u003edc032a1\u003c/code\u003e\u003c/a\u003e fix: h2 CI (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4395\"\u003e#4395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4cd3f4b3a2ef910ba728c47ae78294d956410450\"\u003e\u003ccode\u003e4cd3f4b\u003c/code\u003e\u003c/a\u003e test: increase bitness in \u003ccode\u003etest/fixtures/*.pem\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3659\"\u003e#3659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7df6442194b7a54e9ac734335e6e0a56a9bc6666\"\u003e\u003ccode\u003e7df6442\u003c/code\u003e\u003c/a\u003e fix: adapt websocket frame-limit handling for v6 parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4e0179ae643e6f4380f24cc3683c1b1ca2afb094\"\u003e\u003ccode\u003e4e0179a\u003c/code\u003e\u003c/a\u003e fix: reject duplicate content-length and host headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/5a97f0893b53ba7d1d5549d3df7e55d9c2673f89\"\u003e\u003ccode\u003e5a97f08\u003c/code\u003e\u003c/a\u003e Fix websocket 64-bit length overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e43e898603dd5e0c14a75b08b83257598d664a39\"\u003e\u003ccode\u003ee43e898\u003c/code\u003e\u003c/a\u003e fix: validate upgrade header to prevent CRLF injection\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.22.0...v6.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.0.6 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml fr...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across the monorepo to pick up security fixes and keep build/test tooling current. Notable bumps include `esbuild` 0.28, `vitest` 3.x/4.x, `undici` 6.24 (CLI) and 8.4 (core), `simple-git` 3.36, `@modelcontextprotocol/sdk` 1.26, `diff` 9, and `uuid` 14.\n\n- **Dependencies**\n  - Security: `undici` (WS/HTTP fixes), `fast-uri` (parsing), `ajv` (ReDoS), `tar`, `@modelcontextprotocol/sdk` (transport leak), plus patches to `markdown-it` and `ws`.\n  - Tooling: `esbuild` → 0.28, `vitest` → 3.x/4.x, `postcss` → 8.5.15; `rollup` updated indirectly.\n  - Runtime libs: `simple-git` → 3.36 (safer config handling), `diff` → 9 (ES6 baseline), `uuid` → 14, `fast-uri` in core → 4.x, minor bumps to `shell-quote` and others.\n\n\u003csup\u003eWritten for commit 01778b00fde90665f5e4cfe77197b3c9629d60e3. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/qwen-code/pull/9?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://www.cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://www.cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies across workspace packages\n\u003e - Updates `esbuild` to ^0.28.1, `vitest` to ^3.2.6/^4.1.8, `simple-git` to ^3.36.0, `diff` to ^9.0.0, `undici` to ^6.24.0/^8.4.1, `uuid` to ^14.0.0, `@opentelemetry/sdk-node` to ^0.219.0, and several other packages across the monorepo.\n\u003e - Risk: Major version bumps for `uuid` (v9→v14), `undici` (v6→v8 in core), `fast-uri` (v3→v4), and `diff` (v7→v9) may include breaking API changes.\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 01778b0.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/qwen-code/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Fqwen-code/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"8.17.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-13T20:34:01.000Z","version_change":"8.17.1 → 8.18.0","issue":{"uuid":"4656859206","node_id":"PR_kwDOJ7Nq587mIdtQ","number":1162,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 2 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T20:34:01.000Z","updated_at":"2026-06-14T01:07:51.519Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":2,"packages":[{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"postcss","old_version":"8.5.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /modules/web/packages/ui directory: [postcss](https://github.com/postcss/postcss).\nBumps the npm_and_yarn group with 2 updates in the /modules/web/web-app directory: [ajv](https://github.com/ajv-validator/ajv) and [postcss](https://github.com/postcss/postcss).\n\nUpdates `postcss` from 8.5.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/meteroid-oss/meteroid/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/meteroid-oss/meteroid/pull/1162","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/meteroid-oss%2Fmeteroid/issues/1162","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1162/packages"}},{"old_version":"6.12.6","new_version":"6.15.0","update_type":"minor","path":null,"pr_created_at":"2026-06-13T04:08:22.000Z","version_change":"6.12.6 → 6.15.0","issue":{"uuid":"4654295461","node_id":"PR_kwDON9fcd87mAx5E","number":24,"state":"closed","title":"build(deps): Bump the npm_and_yarn group across 9 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T00:51:10.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-13T04:08:22.000Z","updated_at":"2026-06-14T00:51:12.000Z","time_to_close":74568,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"rollup","old_version":"4.31.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"vite","old_version":"6.1.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"flatted","old_version":"3.3.2","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/nodeca/js-yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/babel directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/node-modules directory: [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/project-with-lockfile directory: [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/npm/workspaces directory: [glob](https://github.com/isaacs/node-glob).\nBumps the npm_and_yarn group with 2 updates in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/yarn/babel directory: [lodash](https://github.com/lodash/lodash) and [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/yarn/project-with-lockfile directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /plugins/package-managers/node/src/funTest/assets/projects/synthetic/yarn2/project-with-lockfile directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 7 updates in the /plugins/reporters/web-app-template directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [rollup](https://github.com/rollup/rollup) | `4.31.0` | `4.59.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.1.6` | `6.4.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.2` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.2.0` |\n\nBumps the npm_and_yarn group with 11 updates in the /website directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [undici](https://github.com/nodejs/undici) | `6.21.1` | `6.26.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.25.9` | `7.29.7` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.1` | `3.1.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.1` | `1.8.4` |\n| [svgo](https://github.com/svg/svgo) | `3.3.2` | `3.3.3` |\n| [webpack](https://github.com/webpack/webpack) | `5.96.1` | `5.107.2` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.2` | `5.2.5` |\n\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.21.3 to 6.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: validate EOF for chunked h1 responses by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5308\"\u003enodejs/undici#5308\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/768beacd331786c6a1ca61dd81938fca041a45b5\"\u003e\u003ccode\u003e768beac\u003c/code\u003e\u003c/a\u003e Bumped v6.26.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5323\"\u003e#5323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7917b254484132f848fb785afbc398b1cfba389f\"\u003e\u003ccode\u003e7917b25\u003c/code\u003e\u003c/a\u003e fix: validate EOF for chunked h1 responses (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5308\"\u003e#5308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/3420499cad88e72e04972b7bb28dd9f2ec2638ac\"\u003e\u003ccode\u003e3420499\u003c/code\u003e\u003c/a\u003e Bumped v6.25.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5029\"\u003e#5029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/d7a1e55fbe9607e8b56a10b4be129ca63d16014b\"\u003e\u003ccode\u003ed7a1e55\u003c/code\u003e\u003c/a\u003e feat: add configurable maxPayloadSize for WebSocket (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a9d1848fa18d351813e9563bb7653acf1e3c60ad\"\u003e\u003ccode\u003ea9d1848\u003c/code\u003e\u003c/a\u003e Do not mark v6.x releases as latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/01265866974369f75f939109969097e45e72b1e1\"\u003e\u003ccode\u003e0126586\u003c/code\u003e\u003c/a\u003e Ignore local agent configuration files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c0cf656ef5e66f7372a7e57d08c6cbdd5b127e82\"\u003e\u003ccode\u003ec0cf656\u003c/code\u003e\u003c/a\u003e Bumped v6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f5a9f0ccbe958e7d0cfd7b63a9a8d195378ac6f6\"\u003e\u003ccode\u003ef5a9f0c\u003c/code\u003e\u003c/a\u003e Fix v6 release workflow branch targeting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/af2cb8fe01320f189394bef193c2d5b441fcfe6f\"\u003e\u003ccode\u003eaf2cb8f\u003c/code\u003e\u003c/a\u003e wqremove maxDecompressedMessageSize (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4891\"\u003e#4891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.21.3...v6.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.21.3 to 6.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: validate EOF for chunked h1 responses by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5308\"\u003enodejs/undici#5308\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.25.0...v6.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.1...v6.25.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v6.24.0...v6.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/768beacd331786c6a1ca61dd81938fca041a45b5\"\u003e\u003ccode\u003e768beac\u003c/code\u003e\u003c/a\u003e Bumped v6.26.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5323\"\u003e#5323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7917b254484132f848fb785afbc398b1cfba389f\"\u003e\u003ccode\u003e7917b25\u003c/code\u003e\u003c/a\u003e fix: validate EOF for chunked h1 responses (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5308\"\u003e#5308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/3420499cad88e72e04972b7bb28dd9f2ec2638ac\"\u003e\u003ccode\u003e3420499\u003c/code\u003e\u003c/a\u003e Bumped v6.25.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5029\"\u003e#5029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/d7a1e55fbe9607e8b56a10b4be129ca63d16014b\"\u003e\u003ccode\u003ed7a1e55\u003c/code\u003e\u003c/a\u003e feat: add configurable maxPayloadSize for WebSocket (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4955\"\u003e#4955\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a9d1848fa18d351813e9563bb7653acf1e3c60ad\"\u003e\u003ccode\u003ea9d1848\u003c/code\u003e\u003c/a\u003e Do not mark v6.x releases as latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/01265866974369f75f939109969097e45e72b1e1\"\u003e\u003ccode\u003e0126586\u003c/code\u003e\u003c/a\u003e Ignore local agent configuration files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/c0cf656ef5e66f7372a7e57d08c6cbdd5b127e82\"\u003e\u003ccode\u003ec0cf656\u003c/code\u003e\u003c/a\u003e Bumped v6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f5a9f0ccbe958e7d0cfd7b63a9a8d195378ac6f6\"\u003e\u003ccode\u003ef5a9f0c\u003c/code\u003e\u003c/a\u003e Fix v6 release workflow branch targeting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/af2cb8fe01320f189394bef193c2d5b441fcfe6f\"\u003e\u003ccode\u003eaf2cb8f\u003c/code\u003e\u003c/a\u003e wqremove maxDecompressedMessageSize (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4891\"\u003e#4891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.21.3...v6.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.3.10 to 13.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.3.10...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 10.2.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.31.0 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca hre...\n\n_Description has been truncated_","html_url":"https://github.com/coutureb/ort/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/coutureb%2Fort/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"}},{"old_version":"6.12.6","new_version":"8.20.0","update_type":"major","path":null,"pr_created_at":"2026-06-13T01:48:30.000Z","version_change":"6.12.6 → 8.20.0","issue":{"uuid":"4653852520","node_id":"PR_kwDOQpX1xc7l_XsE","number":200,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 6 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-13T01:48:30.000Z","updated_at":"2026-06-13T01:48:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"@hono/node-server","old_version":"1.19.11","new_version":"1.19.13","repository_url":"https://github.com/honojs/node-server"},{"name":"esbuild","old_version":"0.25.12","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"@modelcontextprotocol/sdk","old_version":"1.25.2","new_version":"1.26.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"esbuild","old_version":"0.28.0","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"ip-address","old_version":"10.1.0","new_version":"10.2.0"},{"name":"esbuild","old_version":"0.25.12","new_version":"0.28.1","repository_url":"https://github.com/evanw/esbuild"},{"name":"ws","old_version":"8.18.0","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"ajv","old_version":"6.12.6","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the / directory: [esbuild](https://github.com/evanw/esbuild) and [@hono/node-server](https://github.com/honojs/node-server).\nBumps the npm_and_yarn group with 1 update in the /apps/tormentnexus-extension directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /borg directory: [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) and [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /borg/apps/tormentnexus-extension directory: [esbuild](https://github.com/evanw/esbuild) and [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 3 updates in the /borg/research/OpenQode/bin/goose-ultra-final directory: [esbuild](https://github.com/evanw/esbuild), [ajv](https://github.com/ajv-validator/ajv) and [shell-quote](https://github.com/ljharb/shell-quote).\nBumps the npm_and_yarn group with 3 updates in the /research/OpenQode/bin/goose-ultra-final directory: [esbuild](https://github.com/evanw/esbuild), [@tootallnate/once](https://github.com/TooTallNate/once) and [shell-quote](https://github.com/ljharb/shell-quote).\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@hono/node-server` from 1.19.11 to 1.19.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.12 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.25.2 to 1.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/fe9c07b465871394c7069207c86513df9c1194a4\"\u003e\u003ccode\u003efe9c07b\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.26.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1479\"\u003e#1479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4f01e7e0708e1a85ccc7dbf39e850005f2d9ff03\"\u003e\u003ccode\u003e4f01e7e\u003c/code\u003e\u003c/a\u003e fix: add non-null assertions for optional setupServer fields in stateful test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a05be176cabeae1f933b676e3ce024bf02e2314d\"\u003e\u003ccode\u003ea05be17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/50d9fa3cd12e807e7963bcb9e1548786d3d5d941\"\u003e\u003ccode\u003e50d9fa3\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1442\"\u003e#1442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/aa81a66556fb4434d8a6d1b70f7ac9fc40b5d325\"\u003e\u003ccode\u003eaa81a66\u003c/code\u003e\u003c/a\u003e fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6aba0659654e1ff0699844524595922a61e44cb9\"\u003e\u003ccode\u003e6aba065\u003c/code\u003e\u003c/a\u003e chore: bump v1.25.3 for backport fixes (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1412\"\u003e#1412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/6e8f7e1a43a819ae230373c62b82228dafd892c6\"\u003e\u003ccode\u003e6e8f7e1\u003c/code\u003e\u003c/a\u003e fix: prevent Hono from overriding global Response object (v1.x) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1411\"\u003e#1411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/12ae856cee6ca58499cce24e80f650e78a0c7610\"\u003e\u003ccode\u003e12ae856\u003c/code\u003e\u003c/a\u003e [v1.x backport] Use correct schema for client sampling validation when tools ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.28.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ip-address` from 10.1.0 to 10.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80fccaae984618f35dc941efab55cf2440ab37e8\"\u003e\u003ccode\u003e80fccaa\u003c/code\u003e\u003c/a\u003e 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/abaeb4d817cab16d3a1a78abd249d1f116bd302e\"\u003e\u003ccode\u003eabaeb4d\u003c/code\u003e\u003c/a\u003e Type Address4.addressMinusSuffix as non-nilable (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/2878c294e1216f9a0b69ad1d3c57a3790a7d5e8e\"\u003e\u003ccode\u003e2878c29\u003c/code\u003e\u003c/a\u003e Preserve subnet prefix through Address6.to4() (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/123\"\u003e#123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/586666ee9e666464071761d7a453715f98b6caee\"\u003e\u003ccode\u003e586666e\u003c/code\u003e\u003c/a\u003e Reject trailing junk in Address6.fromURL (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80bc76eddf63df38db60defd5004bea919adf7ac\"\u003e\u003ccode\u003e80bc76e\u003c/code\u003e\u003c/a\u003e Validate static factories instead of silently overflowing (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/98927be9ef0c09f8ffcaf30b297405c9eff0a520\"\u003e\u003ccode\u003e98927be\u003c/code\u003e\u003c/a\u003e Clarify isValid() accepts CIDRs with host bits set (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a0eb0732d6ac3088daa1106f4933eade41fd364a\"\u003e\u003ccode\u003ea0eb073\u003c/code\u003e\u003c/a\u003e Fix getScope() and broaden getType() classification (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/122\"\u003e#122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/ec52105c87179129b9f091e97581e87b007824c7\"\u003e\u003ccode\u003eec52105\u003c/code\u003e\u003c/a\u003e Add networkForm() for CIDR network-address strings (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/199\"\u003e#199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a9443a72215b21a1e692be75cd3e18e8aa2262cb\"\u003e\u003ccode\u003ea9443a7\u003c/code\u003e\u003c/a\u003e Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/62\"\u003e#62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/f01d74267ed39f84521157e5f199edade9809f1e\"\u003e\u003ccode\u003ef01d742\u003c/code\u003e\u003c/a\u003e Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beaugunderson/ip-address/compare/v10.1.0...v10.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.25.12 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\n{\r\n  using x = new Resource()\r\n  x.activate()\r\n}\r\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\r\nnew (foo()`bar`)()\r\nnew (foo()?.bar)()\r\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003c/p\u003e\n\u003cp\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisallow \u003ccode\u003e\\\u003c/code\u003e in local development server HTTP requests (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-g7r4-m6w7-qqqr\"\u003eGHSA-g7r4-m6w7-qqqr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \u003ccode\u003e\\\u003c/code\u003e backslash character. It happened due to the use of Go's \u003ccode\u003epath.Clean()\u003c/code\u003e function, which only handles Unix-style \u003ccode\u003e/\u003c/code\u003e characters. HTTP requests with paths containing \u003ccode\u003e\\\u003c/code\u003e are no longer allowed.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/dellalibera\"\u003e\u003ccode\u003e@​dellalibera\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd integrity checks to the Deno API (\u003ca href=\"https://github.com/evanw/esbuild/security/advisories/GHSA-gv7w-rqvm-qjhr\"\u003eGHSA-gv7w-rqvm-qjhr\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.\u003c/p\u003e\n\u003cp\u003eNote that esbuild's Deno API installs from \u003ccode\u003eregistry.npmjs.org\u003c/code\u003e by default, but allows the \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e environment variable to override this with a custom package registry. This change means that the esbuild executable served by \u003ccode\u003eNPM_CONFIG_REGISTRY\u003c/code\u003e must now match the expected content.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/sondt99\"\u003e\u003ccode\u003e@​sondt99\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAvoid inlining \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild's minifier sometimes incorrectly inlined \u003ccode\u003eusing\u003c/code\u003e and \u003ccode\u003eawait using\u003c/code\u003e declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for \u003ccode\u003elet\u003c/code\u003e and \u003ccode\u003econst\u003c/code\u003e declarations by avoiding doing it for \u003ccode\u003evar\u003c/code\u003e declarations, which no longer worked when more declaration types were added. Here's an example:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\n{\n  using x = new Resource()\n  x.activate()\n}\n\u003cp\u003e// Old output (with --minify)\u003cbr /\u003e\nnew Resource().activate();\u003c/p\u003e\n\u003cp\u003e// New output (with --minify)\u003cbr /\u003e\n{using e=new Resource;e.activate()}\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix module evaluation when an error is thrown (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4467\"\u003e#4467\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eIf an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e is used to import a module multiple times. The thrown error is supposed to be thrown by every call to \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e, not just the first. With this release, esbuild will now throw the same error every time you call \u003ccode\u003eimport()\u003c/code\u003e or \u003ccode\u003erequire()\u003c/code\u003e on a module that throws during its evaluation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some edge cases around the \u003ccode\u003enew\u003c/code\u003e operator (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4477\"\u003e#4477\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003ePreviously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a \u003ccode\u003enew\u003c/code\u003e expression (specifically an optional chain and/or a tagged template literal). The generated code for the \u003ccode\u003enew\u003c/code\u003e target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the \u003ccode\u003enew\u003c/code\u003e target in parentheses. Here is an example of some affected code:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// Original code\nnew (foo()`bar`)()\nnew (foo()?.bar)()\n\u003cp\u003e// Old output\u003cbr /\u003e\nnew foo()\u003ccode\u003ebar\u003c/code\u003e();\u003cbr /\u003e\nnew (foo())?.bar();\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/bb9db84c02433fbe37b3509f53f9f3e3cc48725e\"\u003e\u003ccode\u003ebb9db84\u003c/code\u003e\u003c/a\u003e publish 0.28.1 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9ff053e53b8eeb990f59355dbea365277ac45ee2\"\u003e\u003ccode\u003e9ff053e\u003c/code\u003e\u003c/a\u003e security: add integrity checks to the Deno API\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0a9bf2135b67c7e28989a5ba19f0f000805a5ab5\"\u003e\u003ccode\u003e0a9bf21\u003c/code\u003e\u003c/a\u003e enforce non-negative size in gzip parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e2a1a7132058ee067fe736eac15f695861b8654e\"\u003e\u003ccode\u003ee2a1a71\u003c/code\u003e\u003c/a\u003e security: forbid \u003ccode\u003e\\\\\u003c/code\u003e in local dev server requests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/83a2cbfc35809f4fd5152da59572d7bed7739d78\"\u003e\u003ccode\u003e83a2cbf\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4482\"\u003e#4482\u003c/a\u003e: don't inline \u003ccode\u003eusing\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/308ad745d824c77bc607603451b257d0f2fd9a38\"\u003e\u003ccode\u003e308ad74\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4471\"\u003e#4471\u003c/a\u003e: renaming of nested \u003ccode\u003evar\u003c/code\u003e declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f013f5f99a015bce92ec48d49181d4ad3177b29b\"\u003e\u003ccode\u003ef013f5f\u003c/code\u003e\u003c/a\u003e fix some typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/aafd6e48b1088336a5f5a17e930be7e840d43d8c\"\u003e\u003ccode\u003eaafd6e4\u003c/code\u003e\u003c/a\u003e chore: fix some minor issues in comments (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4462\"\u003e#4462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/15300c30b5e22f7cfcbed850c246d35095658386\"\u003e\u003ccode\u003e15300c3\u003c/code\u003e\u003c/a\u003e follow up: cjs evaluation fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1bda0c31d7697c0af44b3ab39b81e599e559a395\"\u003e\u003ccode\u003e1bda0c3\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4461\"\u003e#4461\u003c/a\u003e, fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4467\"\u003e#4467\u003c/a\u003e: esm evaluation fixes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.28.0...v0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.0 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.0...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `esbuild`\n\nUpdates `ajv` from 6.12.6 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add support for node 22/24, drop node 16/21 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2580\"\u003eajv-validator/ajv#2580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add ES2022.RegExp for RegExpIndicesArray by \u003ca href=\"https://github.com/SignpostMarv\"\u003e\u003ccode\u003e@​SignpostMarv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2604\"\u003eajv-validator/ajv#2604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix prototype pollution via format keyword using $data ref by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2607\"\u003eajv-validator/ajv#2607\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump version to 8.17.1 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2472\"\u003eajv-validator/ajv#2472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ePlus everything in 8.17.0 which failed to release\u003c/h2\u003e\n\u003cp\u003eThe only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.\u003c/p\u003e\n\u003cp\u003eRevert \u0026quot;Revert fast-uri change (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2444\"\u003eajv-validator/ajv#2444\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2448\"\u003eajv-validator/ajv#2448\u003c/a\u003e\nfix: ignore new eslint error for \u003ccode\u003e@​typescript-eslint/no-extraneous-class\u003c/code\u003e by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2455\"\u003eajv-validator/ajv#2455\u003c/a\u003e\ndocs: clarify behaviour of addVocabulary by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2454\"\u003eajv-validator/ajv#2454\u003c/a\u003e\ndocs: refactor to improve legibility by \u003ca href=\"https://github.com/blottn\"\u003e\u003ccode\u003e@​blottn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://...\n\n_Description has been truncated_","html_url":"https://github.com/robertpelloni/TormentNexus/pull/200","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertpelloni%2FTormentNexus/issues/200","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/200/packages"}},{"old_version":"8.7.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-12T21:47:17.000Z","version_change":"8.7.1 → 8.18.0","issue":{"uuid":"4652820127","node_id":"PR_kwDOQBO5Ec7l8A-p","number":10,"state":"open","title":"Bump the npm_and_yarn group across 12 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T21:47:17.000Z","updated_at":"2026-06-12T21:52:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"ajv","old_version":"8.7.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"postcss","old_version":"8.4.38","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"webpack","old_version":"5.97.0","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@babel/runtime","old_version":"7.25.7","new_version":"7.26.10","repository_url":"https://github.com/babel/babel"},{"name":"showdown","old_version":"1.9.1","new_version":"2.1.0","repository_url":"https://github.com/showdownjs/showdown"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"@octokit/request-error","old_version":"2.1.0","new_version":"5.1.1","repository_url":"https://github.com/octokit/request-error.js"},{"name":"webpack-dev-server","old_version":"4.15.2","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 9 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.7.1` | `8.18.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.38` | `8.5.10` |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.97.0` | `5.104.1` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.7` | `7.26.10` |\n| [showdown](https://github.com/showdownjs/showdown) | `1.9.1` | `2.1.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [@octokit/request-error](https://github.com/octokit/request-error.js) | `2.1.0` | `5.1.1` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.2` | `5.2.4` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/annotations directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/babel-preset-default directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 2 updates in the /packages/blocks directory: [uuid](https://github.com/uuidjs/uuid) and [showdown](https://github.com/showdownjs/showdown).\nBumps the npm_and_yarn group with 1 update in the /packages/components directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/dataviews directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 1 update in the /packages/e2e-tests directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/interface directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 1 update in the /packages/project-management-automation directory: [@octokit/request-error](https://github.com/octokit/request-error.js).\nBumps the npm_and_yarn group with 1 update in the /packages/scripts directory: [webpack-dev-server](https://github.com/webpack/webpack-dev-server).\nBumps the npm_and_yarn group with 1 update in the /packages/upload-media directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime).\nBumps the npm_and_yarn group with 4 updates in the /platform-docs directory: [ajv](https://github.com/ajv-validator/ajv), [webpack-dev-server](https://github.com/webpack/webpack-dev-server), [lodash](https://github.com/lodash/lodash) and [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast).\n\nUpdates `ajv` from 8.7.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump version to 8.17.1 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2472\"\u003eajv-validator/ajv#2472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ePlus everything in 8.17.0 which failed to release\u003c/h2\u003e\n\u003cp\u003eThe only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.\u003c/p\u003e\n\u003cp\u003eRevert \u0026quot;Revert fast-uri change (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2444\"\u003eajv-validator/ajv#2444\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2448\"\u003eajv-validator/ajv#2448\u003c/a\u003e\nfix: ignore new eslint error for \u003ccode\u003e@​typescript-eslint/no-extraneous-class\u003c/code\u003e by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2455\"\u003eajv-validator/ajv#2455\u003c/a\u003e\ndocs: clarify behaviour of addVocabulary by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2454\"\u003eajv-validator/ajv#2454\u003c/a\u003e\ndocs: refactor to improve legibility by \u003ca href=\"https://github.com/blottn\"\u003e\u003ccode\u003e@​blottn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2432\"\u003eajv-validator/ajv#2432\u003c/a\u003e\nFix grammatical typo in managing-schemas.md by \u003ca href=\"https://github.com/wetneb\"\u003e\u003ccode\u003e@​wetneb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2305\"\u003eajv-validator/ajv#2305\u003c/a\u003e\ndocs: Fix broken strict-mode link by \u003ca href=\"https://github.com/alexanderjsx\"\u003e\u003ccode\u003e@​alexanderjsx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2459\"\u003eajv-validator/ajv#2459\u003c/a\u003e\nfeat: add test for encoded refs and bump fast-uri by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2449\"\u003eajv-validator/ajv#2449\u003c/a\u003e\nfix: changes for \u003ccode\u003e@​typescript-eslint/array-type\u003c/code\u003e rule by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2467\"\u003eajv-validator/ajv#2467\u003c/a\u003e\nfixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2217\"\u003eajv-validator/ajv#2217\u003c/a\u003e - clarify custom keyword naming by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2457\"\u003eajv-validator/ajv#2457\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;Revert fast-uri change (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2444\"\u003e#2444\u003c/a\u003e)\u0026quot; by \u003ca href=\"https://github.com/gurgunday\"\u003e\u003ccode\u003e@​gurgunday\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2448\"\u003eajv-validator/ajv#2448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: ignore new eslint error for \u003ccode\u003e@​typescript-eslint/no-extraneous-class\u003c/code\u003e by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2455\"\u003eajv-validator/ajv#2455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify behaviour of addVocabulary by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2454\"\u003eajv-validator/ajv#2454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: refactor to improve legibility by \u003ca href=\"https://github.com/blottn\"\u003e\u003ccode\u003e@​blottn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2432\"\u003eajv-validator/ajv#2432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix grammatical typo in managing-schemas.md by \u003ca href=\"https://github.com/wetneb\"\u003e\u003ccode\u003e@​wetneb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2305\"\u003eajv-validator/ajv#2305\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Fix broken strict-mode link by \u003ca href=\"https://github.com/alexanderjsx\"\u003e\u003ccode\u003e@​alexanderjsx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2459\"\u003eajv-validator/ajv#2459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add test for encoded refs and bump fast-uri by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2449\"\u003eajv-validator/ajv#2449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: changes for \u003ccode\u003e@​typescript-eslint/array-type\u003c/code\u003e rule by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2467\"\u003eajv-validator/ajv#2467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2217\"\u003e#2217\u003c/a\u003e - clarify custom keyword naming by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2457\"\u003eajv-validator/ajv#2457\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/9050ba1359fb87cd7c143f3c79513ea7624ea443\"\u003e\u003ccode\u003e9050ba1\u003c/code\u003e\u003c/a\u003e bump version to 8.17.1 (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2472\"\u003e#2472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f7831b41c3a27064c6219f51a1e7371ffb582dfe\"\u003e\u003ccode\u003ef7831b4\u003c/code\u003e\u003c/a\u003e fixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2217\"\u003e#2217\u003c/a\u003e - clarify custom keyword naming (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2457\"\u003e#2457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/a523784388a79ce65e42caf4d2731da36a94b386\"\u003e\u003ccode\u003ea523784\u003c/code\u003e\u003c/a\u003e fix: changes for \u003ccode\u003e@​typescript-eslint/array-type\u003c/code\u003e rule (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2467\"\u003e#2467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/595fe58e64e8d5fb8a50fd7a58f9e7f3bcca0bac\"\u003e\u003ccode\u003e595fe58\u003c/code\u003e\u003c/a\u003e feat: add test for encoded refs and bump fast-uri (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2449\"\u003e#2449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.7.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.38 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.38...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 9.0.1 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v9.0.1...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.97.0 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.97.0...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.25.7 to 7.26.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.26.10 (2025-03-11)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\"\u003ehttps://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\u003c/a\u003e, a security vulnerability which affects the \u003ccode\u003e.replace\u003c/code\u003e method of transpiled regular expressions that use named capturing groups.\u003c/p\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17159\"\u003e#17159\u003c/a\u003e Disallow decorator in array pattern (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-template\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17164\"\u003e#17164\u003c/a\u003e Fix: always initialize ExportDeclaration attributes (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17142\"\u003e#17142\u003c/a\u003e fix: \u0026quot;Map maximum size exceeded\u0026quot; in deepClone (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-typescript\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17154\"\u003e#17154\u003c/a\u003e Update typescript parser tests (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17151\"\u003e#17151\u003c/a\u003e fix: Should not evaluate vars in child scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17153\"\u003e#17153\u003c/a\u003e fix: Correctly generate \u003ccode\u003eabstract override\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17107\"\u003e#17107\u003c/a\u003e Fix source type detection when parsing TypeScript (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-runtime\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs2\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17173\"\u003e#17173\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/%5Bmmmsssttt404%5D(https://github.com/mmmsssttt404)\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17158\"\u003e#17158\u003c/a\u003e Avoid warnings when re-bundling \u003ccode\u003e@​babel/standalone\u003c/code\u003e with webpack (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17160\"\u003e#17160\u003c/a\u003e Left-value parsing cleanup (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYunyoung Jordan Choi (\u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.26.9 (2025-02-14)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17103\"\u003e#17103\u003c/a\u003e fix: Definition for \u003ccode\u003eTSPropertySignature.kind\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17062\"\u003e#17062\u003c/a\u003e Print TypeScript optional/definite in ClassPrivateProperty (\u003ca href=\"https://github.com/jamiebuilds-signal\"\u003e\u003ccode\u003e@​jamiebuilds-signal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/e1ce99df422971175249509e7bbc2b327b8f7957\"\u003e\u003ccode\u003ee1ce99d\u003c/code\u003e\u003c/a\u003e v7.26.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d5952e80c0faa5ec20e35085531b6e572d31dad4\"\u003e\u003ccode\u003ed5952e8\u003c/code\u003e\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17173\"\u003e#17173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/64bca7b5f308cd52c192a5c821a57f6d1b0475f4\"\u003e\u003ccode\u003e64bca7b\u003c/code\u003e\u003c/a\u003e v7.26.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2d9514066e3b135835ed93246ebbcdb7ca0263ca\"\u003e\u003ccode\u003e2d95140\u003c/code\u003e\u003c/a\u003e v7.26.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/63d30381c169780460e01bdb6669c5e01af1dfbe\"\u003e\u003ccode\u003e63d3038\u003c/code\u003e\u003c/a\u003e v7.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/b07957ebb316a1e2fc67454fc7423508bb942e63\"\u003e\u003ccode\u003eb07957e\u003c/code\u003e\u003c/a\u003e v7.25.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/af917594e4df3decdde2ce0b1614d607b27367a5\"\u003e\u003ccode\u003eaf91759\u003c/code\u003e\u003c/a\u003e fix: Accidentally publishing useless files (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16917\"\u003e#16917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `showdown` from 1.9.1 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/showdownjs/showdown/releases\"\u003eshowdown's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/2.0.0...2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-04-21)\u003c/h2\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ethe CLI no longer accepts \u0026quot;extra options\u0026quot;. Instead you should pass the \u003ccode\u003e-c\u003c/code\u003e flag. To update:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ebefore:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html --strikethrough --emoji\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eafter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html -c strikethrough -c emoji\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e2.0.4 (2022-04-21)\u003c/h2\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/2.0.3...2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etest(cli): Add test for multiple config options (\u003ca href=\"https://github.com/showdownjs/showdown/commit/914129f\"\u003e914129f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/916\"\u003e#916\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e cli displays the correct version number (\u003ca href=\"https://github.com/showdownjs/showdown/commit/8b48882\"\u003e8b48882\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.3 (2022-03-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix cli to work with yargs (\u003ca href=\"https://github.com/showdownjs/showdown/commit/f8c4bd2\"\u003ef8c4bd2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/893\"\u003e#893\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.0 (2022-02-15)\u003c/h2\u003e\n\u003cp\u003e2.0.0 is mostly a maintenance release. There are only a few changes beyond 1.9.1 as noted below. The major driver of this update is to update the yargs dependency to a more recent version without security issues.\u003c/p\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupported Node Versions were set to match the \u003ca href=\"https://nodejs.org/en/about/releases/\"\u003enode release schedule\u003c/a\u003e which at the time of writing includes Node 12.x, 14.x, 16.x and 17.x\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eyargs\u003c/code\u003e dependency was updated to \u003ccode\u003e^17.2.1\u003c/code\u003e to mitigate a security issue.\u003c/li\u003e\n\u003cli\u003eThe Showdown license has been changed from BSD-3-Clause to MIT\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow escaping of colons (\u003ca href=\"https://github.com/showdownjs/showdown/commit/25c4420\"\u003e25c4420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereduce npm package size  (\u003ca href=\"https://github.com/showdownjs/showdown/commit/35730b7\"\u003e35730b7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/619\"\u003e#619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eellipsis\u003c/code\u003e option to configure if the ellipsis unicode character is used or not. ( Thanks \u003ca href=\"https://github.com/VladimirV99\"\u003e\u003ccode\u003e@​VladimirV99\u003c/code\u003e\u003c/a\u003e )\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/showdownjs/showdown/blob/master/CHANGELOG.md\"\u003eshowdown's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/2.0.0...2.1.0\"\u003e2.1.0\u003c/a\u003e (2022-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(cli)!: Remove support for \u0026quot;extra options\u0026quot; and add -c flag, closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/916\"\u003e#916\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e cli displays the correct version number (\u003ca href=\"https://github.com/showdownjs/showdown/commit/8b48882\"\u003e8b48882\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ethe CLI no longer accepts \u0026quot;extra options\u0026quot;. Instead you should pass the \u003ccode\u003e-c\u003c/code\u003e flag. To update:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ebefore:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html --strikethrough --emoji\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eafter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eshowdown makehtml -i foo.md -o bar.html -c strikethrough -c emoji\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/showdownjs/showdown/compare/1.9.1...2.0.0\"\u003e2.0.0\u003c/a\u003e (2022-02-15)\u003c/h1\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupported Node Versions were set to match the \u003ca href=\"https://nodejs.org/en/about/releases/\"\u003enode release schedule\u003c/a\u003e which at the time of writing includes Node 12.x, 14.x, 16.x and 17.x\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eyargs\u003c/code\u003e dependecy was updated to \u003ccode\u003e^17.2.1\u003c/code\u003e to mitigate a security issue.\u003c/li\u003e\n\u003cli\u003eThe Showdown Licesnse has been changed from  BSD-3-Clause to MIT\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eallow escaping of colons (\u003ca href=\"https://github.com/showdownjs/showdown/commit/25c4420\"\u003e25c4420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereduce npm package size  (\u003ca href=\"https://github.com/showdownjs/showdown/commit/35730b7\"\u003e35730b7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/showdownjs/showdown/issues/619\"\u003e#619\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eellipsis\u003c/code\u003e option to configure if the ellipsis unicode character is used or not. ( Thanks \u003ca href=\"https://github.com/VladimirV99\"\u003e\u003ccode\u003e@​VladimirV99\u003c/code\u003e\u003c/a\u003e )\u003c/li\u003e\n\u003cli\u003eAdded a default security policy. Please report security issues to the issues tab on GitHub.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/9958ba5cfaf01c93ea9e1a48650fb3074eff98ce\"\u003e\u003ccode\u003e9958ba5\u003c/code\u003e\u003c/a\u003e build: release 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/2be8e2ff0c16e4854120dff0f9270ccc2145e659\"\u003e\u003ccode\u003e2be8e2f\u003c/code\u003e\u003c/a\u003e build: release 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/914129f5dc40ed51632fd140c0dab6b8773bc419\"\u003e\u003ccode\u003e914129f\u003c/code\u003e\u003c/a\u003e test(cli)!: Add test for multiple config options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/8b488825ac95dd187ef1f32cb8eca886bfefa5a7\"\u003e\u003ccode\u003e8b48882\u003c/code\u003e\u003c/a\u003e fix(cli): cli displays the corrent version number\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/d5c1b38bc45ed82303369658f59cf3d07d3e49af\"\u003e\u003ccode\u003ed5c1b38\u003c/code\u003e\u003c/a\u003e update funding in package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/50a1d0b5e8499432c011c64b6ce568f0b426952f\"\u003e\u003ccode\u003e50a1d0b\u003c/code\u003e\u003c/a\u003e release: v 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/f8c4bd26fca4dbf300043a858116197c928bb136\"\u003e\u003ccode\u003ef8c4bd2\u003c/code\u003e\u003c/a\u003e fix(cli): fix cli to work with yargs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/b3dd26a3a536348bcb65e71edc8df3ddf0a603a0\"\u003e\u003ccode\u003eb3dd26a\u003c/code\u003e\u003c/a\u003e chore: release 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/3871765ac1a35b633b8fa9a431cb73fa06041b6f\"\u003e\u003ccode\u003e3871765\u003c/code\u003e\u003c/a\u003e fix(cli): cli now works properly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/showdownjs/showdown/commit/612dad0682f7d27d2e19b9857588e8f244f4aebe\"\u003e\u003ccode\u003e612dad0\u003c/code\u003e\u003c/a\u003e chore: build v 2.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/showdownjs/showdown/compare/1.9.1...2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@octokit/request-error` from 2.1.0 to 5.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/request-error.js/releases\"\u003e@​octokit/request-error's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-02-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e12a14f0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.1...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2024-04-05)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13 (\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e3af20bd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e94147e8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v5.0.0...v5.0.1\"\u003e5.0.1\u003c/a\u003e (2023-09-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v12 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/366\"\u003e#366\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/590fc396a48bb72b4e63f3687f1bdd27fc785a24\"\u003e590fc39\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v4.0.2...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2023-07-07)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v11 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/348\"\u003e#348\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/372097e9b16f70d4ad75089003dc9154e304faa7\"\u003e372097e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v11\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/octokit/request-error.js/compare/v4.0.1...v4.0.2\"\u003e4.0.2\u003c/a\u003e (2023-06-16)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v10 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/343\"\u003e#343\u003c/a\u003e) (\u003ca href=\"https://github.com/octokit/request-error.js/commit/28b1958bb96bccd50d44b69a6769e08069dd3922\"\u003e28b1958\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/b51ed2766807a5ca59b5ba477762e84171ccca53\"\u003e\u003ccode\u003eb51ed27\u003c/code\u003e\u003c/a\u003e test: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/12a14f03dbfbbdc759c1c20a631b277892da09de\"\u003e\u003ccode\u003e12a14f0\u003c/code\u003e\u003c/a\u003e fix: ReDos regex vulnerability, reported by \u003ca href=\"https://github.com/dayshift\"\u003e\u003ccode\u003e@​dayshift\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/3af20bd58fea6cc349bc191c725e78e9cc021da6\"\u003e\u003ccode\u003e3af20bd\u003c/code\u003e\u003c/a\u003e fix: upgrade \u003ccode\u003e@octokit/types\u003c/code\u003e to v13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/94147e8843898e0edd2664d0c46a4f42eb4adaa4\"\u003e\u003ccode\u003e94147e8\u003c/code\u003e\u003c/a\u003e feat(security): Add provenance (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/416\"\u003e#416\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/590fc396a48bb72b4e63f3687f1bdd27fc785a24\"\u003e\u003ccode\u003e590fc39\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​octokit/types\u003c/code\u003e to v12 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/4b9c57ea75054f66b093fc547e94f467b824c99e\"\u003e\u003ccode\u003e4b9c57e\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 46da6c0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/710afc3553d82b0a0dc3c5d6bd5cf4c756131078\"\u003e\u003ccode\u003e710afc3\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 1f6c514\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/c82c8ce59ef0d28f7e709c886a876316856cbf22\"\u003e\u003ccode\u003ec82c8ce\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 223779b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/ec24ead3f170bd248cc5b4ac48e5b2307daba68e\"\u003e\u003ccode\u003eec24ead\u003c/code\u003e\u003c/a\u003e ci(action): update peter-evans/create-or-update-comment digest to 46846e5 (\u003ca href=\"https://redirect.github.com/octokit/request-error.js/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/octokit/request-error.js/commit/365f18db79910407c978767e4ea93c1030ccbac4\"\u003e\u003ccode\u003e365f18d\u003c/code\u003e\u003c/a\u003e ci(action): update actions/checkout action to v4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/octokit/request-error.js/compare/v2.1.0...v5.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack-dev-server` from 4.15.2 to 5.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/releases\"\u003ewebpack-dev-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/...\n\n_Description has been truncated_","html_url":"https://github.com/goodgollyholly/gutenberg/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodgollyholly%2Fgutenberg/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"8.18.0","new_version":"8.20.0","update_type":"minor","path":null,"pr_created_at":"2026-06-12T21:37:22.000Z","version_change":"8.18.0 → 8.20.0","issue":{"uuid":"4652773713","node_id":"PR_kwDORhrBm87l73qJ","number":79,"state":"open","title":"deps: Bump the npm-minor-patch group across 1 directory with 37 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T21:37:22.000Z","updated_at":"2026-06-12T21:37:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps: Bump","group_name":"npm-minor-patch","update_count":37,"packages":[{"name":"express-rate-limit","old_version":"8.3.2","new_version":"8.5.2","repository_url":"https://github.com/express-rate-limit/express-rate-limit"},{"name":"@vitest/coverage-v8","old_version":"4.1.4","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"eslint","old_version":"10.2.1","new_version":"10.5.0","repository_url":"https://github.com/eslint/eslint"},{"name":"eslint-plugin-security","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/eslint-community/eslint-plugin-security"},{"name":"prettier","old_version":"3.8.3","new_version":"3.8.4","repository_url":"https://github.com/prettier/prettier"},{"name":"typescript-eslint","old_version":"8.58.2","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"ioredis","old_version":"5.10.1","new_version":"5.11.1","repository_url":"https://github.com/luin/ioredis"},{"name":"jose","old_version":"6.2.2","new_version":"6.2.3","repository_url":"https://github.com/panva/jose"},{"name":"helmet","old_version":"8.1.0","new_version":"8.2.0","repository_url":"https://github.com/helmetjs/helmet"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.4","repository_url":"https://github.com/privatenumber/tsx"},{"name":"@aws-sdk/client-s3","old_version":"3.1032.0","new_version":"3.1068.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1032.0","new_version":"3.1068.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@codemirror/view","old_version":"6.41.1","new_version":"6.43.1","repository_url":"https://github.com/codemirror/view"},{"name":"@tiptap/extension-code-block-lowlight","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-image","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-link","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-placeholder","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-task-item","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/extension-task-list","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/react","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"@tiptap/starter-kit","old_version":"3.22.4","new_version":"3.26.1","repository_url":"https://github.com/ueberdosis/tiptap"},{"name":"dompurify","old_version":"3.4.0","new_version":"3.4.10","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"lucide-react","old_version":"1.8.0","new_version":"1.18.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next","old_version":"16.2.6","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"react","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"19.2.5","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"tailwind-merge","old_version":"3.5.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"@tailwindcss/postcss","old_version":"4.2.2","new_version":"4.3.1","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@qdrant/js-client-rest","old_version":"1.17.0","new_version":"1.18.0","repository_url":"https://github.com/qdrant/qdrant-js"},{"name":"bullmq","old_version":"5.74.1","new_version":"5.78.0","repository_url":"https://github.com/taskforcesh/bullmq"},{"name":"nodemailer","old_version":"8.0.5","new_version":"8.0.11","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"@types/nodemailer","old_version":"7.0.11","new_version":"8.0.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"ajv","old_version":"8.18.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-minor-patch group with 34 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.3.2` | `8.5.2` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.4` | `4.1.8` |\n| [eslint](https://github.com/eslint/eslint) | `10.2.1` | `10.5.0` |\n| [eslint-plugin-security](https://github.com/eslint-community/eslint-plugin-security) | `4.0.0` | `4.0.1` |\n| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.58.2` | `8.61.0` |\n| [ioredis](https://github.com/luin/ioredis) | `5.10.1` | `5.11.1` |\n| [jose](https://github.com/panva/jose) | `6.2.2` | `6.2.3` |\n| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.4` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1032.0` | `3.1068.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1032.0` | `3.1068.0` |\n| [@codemirror/view](https://github.com/codemirror/view) | `6.41.1` | `6.43.1` |\n| [@tiptap/extension-code-block-lowlight](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-code-block-lowlight) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-image](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-image) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-link](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-link) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-placeholder](https://github.com/ueberdosis/tiptap/tree/HEAD/packages-deprecated/extension-placeholder) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-task-item](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-task-item) | `3.22.4` | `3.26.1` |\n| [@tiptap/extension-task-list](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/extension-task-list) | `3.22.4` | `3.26.1` |\n| [@tiptap/react](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/react) | `3.22.4` | `3.26.1` |\n| [@tiptap/starter-kit](https://github.com/ueberdosis/tiptap/tree/HEAD/packages/starter-kit) | `3.22.4` | `3.26.1` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.0` | `3.4.10` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.8.0` | `1.18.0` |\n| [next](https://github.com/vercel/next.js) | `16.2.6` | `16.2.9` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.7` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.5.0` | `3.6.0` |\n| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.2` | `4.3.1` |\n| [@qdrant/js-client-rest](https://github.com/qdrant/qdrant-js/tree/HEAD/packages/js-client-rest) | `1.17.0` | `1.18.0` |\n| [bullmq](https://github.com/taskforcesh/bullmq) | `5.74.1` | `5.78.0` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.5` | `8.0.11` |\n| [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) | `7.0.11` | `8.0.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.18.0` | `8.20.0` |\n\n\nUpdates `express-rate-limit` from 8.3.2 to 8.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/releases\"\u003eexpress-rate-limit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.5.2\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.5.1\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.5.0\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.4.1\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev8.4.0\u003c/h2\u003e\n\u003cp\u003eYou can view the changelog \u003ca href=\"https://express-rate-limit.mintlify.app/reference/changelog\"\u003ehere\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/97746932253e6c734569140e71357b2633eb1912\"\u003e\u003ccode\u003e9774693\u003c/code\u003e\u003c/a\u003e 8.5.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/0e94cc0176ca0e4960bd6992f1d105766fb9532c\"\u003e\u003ccode\u003e0e94cc0\u003c/code\u003e\u003c/a\u003e v8.5.2 changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/9a583c566aa5aaeb8b94312e9e9dbf711f89e7b3\"\u003e\u003ccode\u003e9a583c5\u003c/code\u003e\u003c/a\u003e feat: simplify IPv6 key generation (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/633\"\u003e#633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/4f4b3fb78f96ac841a26122be1d82123271d7654\"\u003e\u003ccode\u003e4f4b3fb\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/632\"\u003e#632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/3c1d6c57bddc0d7c9923611fd1ac1e17399a4865\"\u003e\u003ccode\u003e3c1d6c5\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development-dependencies group with 7 updates (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/631\"\u003e#631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/18884b671441b14dd0e9328a5ebedf51278a16c1\"\u003e\u003ccode\u003e18884b6\u003c/code\u003e\u003c/a\u003e chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/630\"\u003e#630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/dacc9800e640b14c61cd8791ef59d75d0ac037a7\"\u003e\u003ccode\u003edacc980\u003c/code\u003e\u003c/a\u003e chore(deps): bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/629\"\u003e#629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/486d0c608a95f344863302bb213fb09ea9ddf5de\"\u003e\u003ccode\u003e486d0c6\u003c/code\u003e\u003c/a\u003e chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/627\"\u003e#627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/50cc3f6345f603ac2fe4eb646edd7338b9a31fbb\"\u003e\u003ccode\u003e50cc3f6\u003c/code\u003e\u003c/a\u003e 8.5.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/commit/92c8e3efd87b9b9f89092b1f9c8c17ac134c1293\"\u003e\u003ccode\u003e92c8e3e\u003c/code\u003e\u003c/a\u003e chore: bump ip-address library to latest (\u003ca href=\"https://redirect.github.com/express-rate-limit/express-rate-limit/issues/626\"\u003e#626\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/express-rate-limit/express-rate-limit/compare/v8.3.2...v8.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@vitest/coverage-v8` from 4.1.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003e@​vitest/coverage-v8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint` from 10.2.1 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint/eslint/releases\"\u003eeslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.5.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101\"\u003e\u003ccode\u003ebdb496c\u003c/code\u003e\u003c/a\u003e feat: correct max-depth handling for else-if chains (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20944\"\u003e#20944\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953\"\u003e\u003ccode\u003ec296873\u003c/code\u003e\u003c/a\u003e feat: update error loc in \u003ccode\u003emax-statements\u003c/code\u003e to function header (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20907\"\u003e#20907\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4\"\u003e\u003ccode\u003ef99b47a\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc\"\u003e\u003ccode\u003eacf03d4\u003c/code\u003e\u003c/a\u003e docs: clarify precedence of parserOptions over languageOptions (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20926\"\u003e#20926\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d\"\u003e\u003ccode\u003ec2d1444\u003c/code\u003e\u003c/a\u003e refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20951\"\u003e#20951\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9\"\u003e\u003ccode\u003e243b8c5\u003c/code\u003e\u003c/a\u003e chore: enhance config-rule to support oneOf, anyOf, and nested schemas (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20788\"\u003e#20788\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b\"\u003e\u003ccode\u003e217b2a9\u003c/code\u003e\u003c/a\u003e test: add unit tests for ParserService (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20949\"\u003e#20949\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9\"\u003e\u003ccode\u003e72003e7\u003c/code\u003e\u003c/a\u003e test: add location information to error messages in \u003ccode\u003emax-statements\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20945\"\u003e#20945\u003c/a\u003e) (lumir)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1\"\u003e\u003ccode\u003e7797c26\u003c/code\u003e\u003c/a\u003e refactor: deduplicate isAnySegmentReachable across rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20890\"\u003e#20890\u003c/a\u003e) (Taejin Kim)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257\"\u003e\u003ccode\u003e67c46fa\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20938\"\u003e#20938\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29\"\u003e\u003ccode\u003e95d8c7a\u003c/code\u003e\u003c/a\u003e chore: update dependency \u003ccode\u003e@​eslint/json\u003c/code\u003e to v2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20934\"\u003e#20934\u003c/a\u003e) (renovate[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c\"\u003e\u003ccode\u003ecf9e496\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003e@​arethetypeswrong/cli\u003c/code\u003e to 0.18.3 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20933\"\u003e#20933\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c\"\u003e\u003ccode\u003efb6d396\u003c/code\u003e\u003c/a\u003e test: run type tests with TypeScript 7 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20868\"\u003e#20868\u003c/a\u003e) (sethamus)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev10.4.1\u003c/h2\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e557467db7496220eebcbe2ac5ea6d38c12bb1ec\"\u003e\u003ccode\u003ee557467\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003e@eslint/plugin-kit\u003c/code\u003e version to 0.7.2 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20930\"\u003e#20930\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/d4ce898796ca22c3b96aa70d3014cb85f4bac1cd\"\u003e\u003ccode\u003ed4ce898\u003c/code\u003e\u003c/a\u003e fix: propagate failures from delegated commands (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20917\"\u003e#20917\u003c/a\u003e) (Minh Vu)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f4f3507460bc016b5be979c05d2969793f570cbf\"\u003e\u003ccode\u003ef4f3507\u003c/code\u003e\u003c/a\u003e fix: prefer-arrow-callback invalid autofix with newline after \u003ccode\u003easync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20916\"\u003e#20916\u003c/a\u003e) (kuldeep kumar)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c5bc78b37e08b9054a11f0cc2d81808bb24acb85\"\u003e\u003ccode\u003ec5bc78b\u003c/code\u003e\u003c/a\u003e fix: false positive for reference in \u003ccode\u003efinally\u003c/code\u003e block (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20655\"\u003e#20655\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/27538c01f5df4e9306f6f4ba867b2dd6307fae59\"\u003e\u003ccode\u003e27538c0\u003c/code\u003e\u003c/a\u003e fix: add missing CodePath and CodePathSegment types (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20853\"\u003e#20853\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/61b0add61ffc52665562be7bb96f526690a78b30\"\u003e\u003ccode\u003e61b0add\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rule from related rules of \u003ccode\u003emax-params\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20921\"\u003e#20921\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/305d5b91aeac24d36fde42f75625a8f183d4ce43\"\u003e\u003ccode\u003e305d5b9\u003c/code\u003e\u003c/a\u003e docs: remove deprecated rules from related rules section (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20911\"\u003e#20911\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/49b0202d01918b8061720d586dffd7c68047090c\"\u003e\u003ccode\u003e49b0202\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003edisplay: none\u003c/code\u003e of ad (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20901\"\u003e#20901\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/9067f9492ec998afc5b4f057a477ecf6ebd45e44\"\u003e\u003ccode\u003e9067f94\u003c/code\u003e\u003c/a\u003e docs: switch build to Node.js 24 (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20893\"\u003e#20893\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/c91b0417e3420c76807ce1fa2aea76e2de87ab86\"\u003e\u003ccode\u003ec91b041\u003c/code\u003e\u003c/a\u003e docs: Update README (GitHub Actions Bot)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/e349265cb37f3ebc837e178e48a725bb782bd870\"\u003e\u003ccode\u003ee349265\u003c/code\u003e\u003c/a\u003e docs: clarify semver strings in rule deprecation objects (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20885\"\u003e#20885\u003c/a\u003e) (Milos Djermanovic)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b0e466b6ab47bfc7de43d8de0c315d8ee83aa584\"\u003e\u003ccode\u003eb0e466b\u003c/code\u003e\u003c/a\u003e test: add \u003ccode\u003edata\u003c/code\u003e property to invalid tests cases for rules (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20924\"\u003e#20924\u003c/a\u003e) (Tanuj Kanti)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f78838bc4c86d487e1bcc7cede260c4467721c46\"\u003e\u003ccode\u003ef78838b\u003c/code\u003e\u003c/a\u003e test: add CodePath type coverage (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20904\"\u003e#20904\u003c/a\u003e) (Pixel998)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/1daa4bd734b79a62e317d0394394a6b38cff49f9\"\u003e\u003ccode\u003e1daa4bd\u003c/code\u003e\u003c/a\u003e chore: update \u003ccode\u003eeslint-plugin-eslint-comments\u003c/code\u003e test data to latest commit (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20922\"\u003e#20922\u003c/a\u003e) (Francesco Trotta)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/002942ce988ea28b78e0a2f3b074081e638b552c\"\u003e\u003ccode\u003e002942c\u003c/code\u003e\u003c/a\u003e ci: declare contents:read on update-readme workflow (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20919\"\u003e#20919\u003c/a\u003e) (Arpit Jain)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/64bca24e7bed35bc3c864fc625cb2d89eca87d5b\"\u003e\u003ccode\u003e64bca24\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20912\"\u003e#20912\u003c/a\u003e) (ESLint Bot)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145\"\u003e\u003ccode\u003ede3b672\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040\"\u003e\u003ccode\u003e362a518\u003c/code\u003e\u003c/a\u003e Build: changelog update for 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad\"\u003e\u003ccode\u003e5ca8c52\u003c/code\u003e\u003c/a\u003e feat: correct stack tracking in max-nested-callbacks (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20973\"\u003e#20973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c\"\u003e\u003ccode\u003eb565783\u003c/code\u003e\u003c/a\u003e feat: report no-with violations at the with keyword (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20971\"\u003e#20971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684\"\u003e\u003ccode\u003e2ce032f\u003c/code\u003e\u003c/a\u003e feat: report max-lines-per-function violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20966\"\u003e#20966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f\"\u003e\u003ccode\u003e732cb3e\u003c/code\u003e\u003c/a\u003e feat: report max-nested-callbacks violations at function head (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20967\"\u003e#20967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7\"\u003e\u003ccode\u003ef9c138a\u003c/code\u003e\u003c/a\u003e feat: report max-depth violations on keywords (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20943\"\u003e#20943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56\"\u003e\u003ccode\u003e8ae1b5b\u003c/code\u003e\u003c/a\u003e docs: Update README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781\"\u003e\u003ccode\u003eca7eb90\u003c/code\u003e\u003c/a\u003e docs: update Node.js prerequisites to include ICU support (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20962\"\u003e#20962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8\"\u003e\u003ccode\u003eb18bf58\u003c/code\u003e\u003c/a\u003e chore: update ecosystem plugins (\u003ca href=\"https://redirect.github.com/eslint/eslint/issues/20959\"\u003e#20959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eslint/eslint/compare/v10.2.1...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eslint-plugin-security` from 4.0.0 to 4.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/releases\"\u003eeslint-plugin-security's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eeslint-plugin-security: v4.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/compare/eslint-plugin-security-v4.0.0...eslint-plugin-security-v4.0.1\"\u003e4.0.1\u003c/a\u003e (2026-06-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etreat import.meta.dirname and import.meta.filename as static (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/200\"\u003e#200\u003c/a\u003e) (\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/74c97bb3326a6b4fe4718b2638bb3b0492cb90fd\"\u003e74c97bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/blob/main/CHANGELOG.md\"\u003eeslint-plugin-security's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/compare/eslint-plugin-security-v4.0.0...eslint-plugin-security-v4.0.1\"\u003e4.0.1\u003c/a\u003e (2026-06-12)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etreat import.meta.dirname and import.meta.filename as static (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/200\"\u003e#200\u003c/a\u003e) (\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/74c97bb3326a6b4fe4718b2638bb3b0492cb90fd\"\u003e74c97bb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/cb8645c3150a52eb400ba08d83fb53528797b652\"\u003e\u003ccode\u003ecb8645c\u003c/code\u003e\u003c/a\u003e chore: release 4.0.1 🚀 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/204\"\u003e#204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/74c97bb3326a6b4fe4718b2638bb3b0492cb90fd\"\u003e\u003ccode\u003e74c97bb\u003c/code\u003e\u003c/a\u003e fix: treat import.meta.dirname and import.meta.filename as static (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/0b45f8277b8018377c3716358faafaa70b474c2c\"\u003e\u003ccode\u003e0b45f82\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump shell-quote from 1.7.4 to 1.8.4 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/954149ae507c95a1f6d61c43bfd4601143083138\"\u003e\u003ccode\u003e954149a\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump handlebars from 4.7.7 to 4.7.9 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/d5012b6b10419c9a3280d094ce10aa944a2b7812\"\u003e\u003ccode\u003ed5012b6\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/b53d8b45ebe16c9ce778c25a8cf68a71749e0a78\"\u003e\u003ccode\u003eb53d8b4\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump flatted from 3.3.1 to 3.4.2 (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/commit/7876750bfa33eb29285adb7b0af7e5c70838568e\"\u003e\u003ccode\u003e7876750\u003c/code\u003e\u003c/a\u003e chore(deps): bump minimatch (\u003ca href=\"https://redirect.github.com/eslint-community/eslint-plugin-security/issues/194\"\u003e#194\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/eslint-community/eslint-plugin-security/compare/eslint-plugin-security-v4.0.0...eslint-plugin-security-v4.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `prettier` from 3.8.3 to 3.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/releases\"\u003eprettier's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003eprettier/prettier#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e🔗 \u003ca href=\"https://github.com/prettier/prettier/blob/3.8.4/CHANGELOG.md#384\"\u003eChangelog\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prettier/prettier/blob/main/CHANGELOG.md\"\u003eprettier's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.8.4\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ediff\u003c/a\u003e\u003c/p\u003e\n\u003ch4\u003eMarkdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (\u003ca href=\"https://redirect.github.com/prettier/prettier/pull/17746\"\u003e#17746\u003c/a\u003e by \u003ca href=\"https://github.com/byplayer\"\u003e\u003ccode\u003e@​byplayer\u003c/code\u003e\u003c/a\u003e)\u003c/h4\u003e\n\u003cp\u003ePrettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cpre lang=\"markdown\"\u003e\u003ccode\u003e\u0026lt;!-- Input --\u0026gt;\n- a\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eb\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.3 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ea\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ec\n\u003cul\u003e\n\u003cli\u003ed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026lt;!-- Prettier 3.8.4 --\u0026gt;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ea\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eb\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ec\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ed\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/1c6ba5539141552e0e8e22d401ea620d8fdff468\"\u003e\u003ccode\u003e1c6ba55\u003c/code\u003e\u003c/a\u003e Release 3.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/4a673dc9b59ddf7296bbab9822093d2971da84a8\"\u003e\u003ccode\u003e4a673dc\u003c/code\u003e\u003c/a\u003e Fix blank lines between list items and nested sub-lists being removed in Mark...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/074aaedbb052a288e89d15eb0a4214de37a08866\"\u003e\u003ccode\u003e074aaed\u003c/code\u003e\u003c/a\u003e Replace \u003ccode\u003emain\u003c/code\u003e branch in changelog link with tags (\u003ca href=\"https://redirect.github.com/prettier/prettier/issues/19054\"\u003e#19054\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/c22a003ae97917c5043e8685b4fdff0f93e978f9\"\u003e\u003ccode\u003ec22a003\u003c/code\u003e\u003c/a\u003e Bump Prettier dependency to 3.8.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prettier/prettier/commit/07bad1f04536e9799927007baf466e67151576f0\"\u003e\u003ccode\u003e07bad1f\u003c/code\u003e\u003c/a\u003e Clean changelog_unreleased\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/prettier/prettier/compare/3.8.3...3.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `typescript-eslint` from 8.58.2 to 8.61.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases\"\u003etypescript-eslint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.61.0\u003c/h2\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e change type of \u003ccode\u003eUnaryExpression.prefix\u003c/code\u003e to always \u003ccode\u003etrue\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372\"\u003e#12372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-spec:\u003c/strong\u003e tighten types of \u003ccode\u003eArrowFunction\u003c/code\u003e, \u003ccode\u003eYieldExpression\u003c/code\u003e, \u003ccode\u003eTSTypePredicate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373\"\u003e#12373\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-schema-to-typescript-types:\u003c/strong\u003e respect ECMAScript line terminators (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374\"\u003e#12374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.1\u003c/h2\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e respect ECMAScript line terminators in ts-comment rules (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352\"\u003e#12352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eeslint-plugin:\u003c/strong\u003e [no-shadow] correct rule to match ESLint v10 handling (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182\"\u003e#12182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003elumir\u003c/li\u003e\n\u003cli\u003eNevette Bailey \u003ca href=\"https://github.com/nevette-bailey\"\u003e\u003ccode\u003e@​nevette-bailey\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003ev8.60.0\u003c/h2\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erule-tester:\u003c/strong\u003e added updates of RuleTester from upstream (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12291\"\u003e#12291\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eplayground TS version selector is not working (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12326\"\u003e#12326\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12325\"\u003e#12325\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md\"\u003etypescript-eslint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.61.0 (2026-06-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.1 (2026-06-01)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.60.0 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.4 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript-eslint:\u003c/strong\u003e export Compatible* types from typescript-eslint to resolve pnpm TS error (\u003ca href=\"https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12340\"\u003e#12340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKirk Waiblinger \u003ca href=\"https://github.com/kirkwaiblinger\"\u003e\u003ccode\u003e@​kirkwaiblinger\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.4\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.3 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.3\"\u003eGitHub Releases\u003c/a\u003e for more information.\u003c/p\u003e\n\u003cp\u003eYou can read about our \u003ca href=\"https://typescript-eslint.io/users/versioning\"\u003eversioning strategy\u003c/a\u003e and \u003ca href=\"https://typescript-eslint.io/users/releases\"\u003ereleases\u003c/a\u003e on our website.\u003c/p\u003e\n\u003ch2\u003e8.59.2 (2026-05-04)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for typescript-eslint to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3\"\u003e\u003ccode\u003e16a5b24\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68\"\u003e\u003ccode\u003e4f84a69\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964\"\u003e\u003ccode\u003e1849b53\u003c/code\u003e\u003c/a\u003e chore: typecheck using tsgo (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139\"\u003e#12139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/f891c29de5f3e23f3d8c59cc599d3196e54e9b58\"\u003e\u003ccode\u003ef891c29\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.60.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/ca6ca1431b6d18235297a7e29feb5d98f012dff2\"\u003e\u003ccode\u003eca6ca14\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/4b927c607755b2648d5854b9e928c1dbb2b8e088\"\u003e\u003ccode\u003e4b927c6\u003c/code\u003e\u003c/a\u003e fix(typescript-eslint): export Compatible* types from typescript-eslint to re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/48e13c0261e3cb1bf4f4dfaa462cdb3a56ef7383\"\u003e\u003ccode\u003e48e13c0\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/44f9625336841a8ee3eb01a9e02e49b1d7b12648\"\u003e\u003ccode\u003e44f9625\u003c/code\u003e\u003c/a\u003e chore(deps): update vitest monorepo to v4.1.5 (\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12307\"\u003e#12307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333\"\u003e\u003ccode\u003e2ec35f1\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d\"\u003e\u003ccode\u003e5245793\u003c/code\u003e\u003c/a\u003e chore(release): publish 8.59.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 4.1.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ioredis` from 5.10.1 to 5.11.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/luin/ioredis/releases\"\u003eioredis's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.11.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.11.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/redis/ioredis/blob/main/CHANGELOG.md\"\u003eioredis's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.11.0...v5.11.1\"\u003e5.11.1\u003c/a\u003e (2026-06-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecluster:\u003c/strong\u003e reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003ec84b2ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eparse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e131ee24\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/luin/ioredis/compare/v5.10.1...v5.11.0\"\u003e5.11.0\u003c/a\u003e (2026-05-26)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent RangeError from string accumulation in pipeline (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2088\"\u003e#2088\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/defc07716a9ef10c2077ec4e23ea48cb9ea731fc\"\u003edefc077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ereplace deprecated url.parse() with WHATWG URL API (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2081\"\u003e#2081\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0021a4590e286aabbf27f4e2fc18f9d2de829ef0\"\u003e0021a45\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/redis/ioredis/issues/1747\"\u003eredis/ioredis#1747\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd array commands, typings and tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2114\"\u003e#2114\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/baf68d6d89553672cfac3e08543467b910b561c5\"\u003ebaf68d6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd increx command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2115\"\u003e#2115\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/37d0695b212d865ef24132acff85420ae51dde50\"\u003e37d0695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Redis MSETEX support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2111\"\u003e#2111\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/04a4615e8e96b9c58d017e360b5eaafede8973d0\"\u003e04a4615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd typed GCRA command support and functional tests (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2094\"\u003e#2094\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/468a8023cd2c8f342ec7c55a01bf0c8d17e4b877\"\u003e468a802\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd vector set command support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2116\"\u003e#2116\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/b7b3defbd119d07fb86d071d5eefc255db4920c2\"\u003eb7b3def\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd xnack command (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2103\"\u003e#2103\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/187d29b45000ee46a4baa8ce91eacfa04675aee8\"\u003e187d29b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zinter zunion count (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2104\"\u003e#2104\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/0d510bbc1cfc8b01d862b76c408f6687f6e77809\"\u003e0d510bb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eTracingChannel\u003c/code\u003e support (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2089\"\u003e#2089\u003c/a\u003e) (\u003ca href=\"https://github.com/luin/ioredis/commit/4760e0a19c194f29f4feb703003dcf046e4509cd\"\u003e4760e0a\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/fb224a7609b6d25959e06e31fdab2460d1f75691\"\u003e\u003ccode\u003efb224a7\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.1 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/131ee24173380b986e62ecc428ddde82be12bc40\"\u003e\u003ccode\u003e131ee24\u003c/code\u003e\u003c/a\u003e fix: parse protocol-relative Redis URLs as TCP connections (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2125\"\u003e#2125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/c84b2ee97fd7b25d8f6ef8b509c228a602f47cca\"\u003e\u003ccode\u003ec84b2ee\u003c/code\u003e\u003c/a\u003e fix(cluster): reconnect to nodes that restart without slot changes (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/14904327fc212d1f592172d776ebe45178fb7ee7\"\u003e\u003ccode\u003e1490432\u003c/code\u003e\u003c/a\u003e chore(release): 5.11.0 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/5359d4d090c17f2ca1e86d92b139cd935ba4643d\"\u003e\u003ccode\u003e5359d4d\u003c/code\u003e\u003c/a\u003e refactor(utils): inline defaults and isArguments helpers (\u003ca href=\"https://redirect.github.com/luin/ioredis/issues/2107\"\u003e#2107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/redis/ioredis/commit/b...\n\n_Description has been truncated_","html_url":"https://github.com/xaverric/atlas-lab/pull/79","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xaverric%2Fatlas-lab/issues/79","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/79/packages"}},{"old_version":"6.12.6","new_version":"6.15.0","update_type":"minor","path":"/panel","pr_created_at":"2026-06-12T00:20:25.000Z","version_change":"6.12.6 → 6.15.0","issue":{"uuid":"4645178374","node_id":"PR_kwDOQlGdBs7ljOgl","number":118,"state":"closed","title":"chore(deps): bump the dependencies group in /panel with 215 updates","user":"dependabot[bot]","labels":["dependencies","area: panel","javascript"],"assignees":[],"locked":true,"comments_count":2,"pull_request":true,"closed_at":"2026-06-15T00:41:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-12T00:20:25.000Z","updated_at":"2026-06-15T00:41:43.000Z","time_to_close":260468,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"dependencies","update_count":215,"packages":[{"name":"@hookform/resolvers","old_version":"5.2.2","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@radix-ui/react-alert-dialog","old_version":"1.1.15","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-avatar","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-checkbox","old_version":"1.3.3","new_version":"1.3.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-collapsible","old_version":"1.1.12","new_version":"1.1.13","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dialog","old_version":"1.1.15","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dropdown-menu","old_version":"2.1.16","new_version":"2.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-label","old_version":"2.1.8","new_version":"2.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-popover","old_version":"1.1.15","new_version":"1.1.16","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-progress","old_version":"1.1.8","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-scroll-area","old_version":"1.2.10","new_version":"1.2.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-select","old_version":"2.2.6","new_version":"2.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-separator","old_version":"1.1.8","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-slot","old_version":"1.2.4","new_version":"1.2.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-switch","old_version":"1.2.6","new_version":"1.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tabs","old_version":"1.1.13","new_version":"1.1.14","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-tooltip","old_version":"1.2.8","new_version":"1.2.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@tailwindcss/typography","old_version":"0.5.19","new_version":"0.5.20","repository_url":"https://github.com/tailwindlabs/tailwindcss-typography"},{"name":"@tanstack/react-query","old_version":"5.90.16","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"axios","old_version":"1.13.2","new_version":"1.17.0","repository_url":"https://github.com/axios/axios"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.4.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"lucide-react","old_version":"0.562.0","new_version":"1.17.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"react","old_version":"19.2.3","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"@types/react","old_version":"19.2.8","new_version":"19.2.17","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-dom","old_version":"19.2.3","new_version":"19.2.7","repository_url":"https://github.com/facebook/react"},{"name":"react-hook-form","old_version":"7.71.0","new_version":"7.78.0","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"tailwind-merge","old_version":"3.4.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"zod","old_version":"4.3.5","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"},{"name":"zustand","old_version":"5.0.10","new_version":"5.0.14","repository_url":"https://github.com/pmndrs/zustand"},{"name":"@tailwindcss/postcss","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tanstack/react-query-devtools","old_version":"5.91.2","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@types/node","old_version":"25.0.8","new_version":"25.9.3","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"eslint","old_version":"9.39.2","new_version":"10.4.1","repository_url":"https://github.com/eslint/eslint"},{"name":"eslint-config-next","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"tailwindcss","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"typescript","old_version":"5.9.3","new_version":"6.0.3","repository_url":"https://github.com/microsoft/TypeScript"},{"name":"@babel/code-frame","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/compat-data","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/core","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/generator","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-compilation-targets","old_version":"7.27.2","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-globals","old_version":"7.28.0","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-module-imports","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-module-transforms","old_version":"7.28.3","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-string-parser","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-validator-identifier","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helper-validator-option","old_version":"7.27.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/helpers","old_version":"7.28.4","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/parser","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/template","old_version":"7.27.2","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/types","old_version":"7.28.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@emnapi/core","old_version":"1.7.1","new_version":"1.10.0","repository_url":"https://github.com/toyobayashi/emnapi"},{"name":"@emnapi/runtime","old_version":"1.7.1","new_version":"1.10.0","repository_url":"https://github.com/toyobayashi/emnapi"},{"name":"@emnapi/wasi-threads","old_version":"1.1.0","new_version":"1.2.1","repository_url":"https://github.com/toyobayashi/emnapi"},{"name":"@eslint-community/eslint-utils","old_version":"4.9.0","new_version":"4.9.1","repository_url":"https://github.com/eslint-community/eslint-utils"},{"name":"@eslint/config-array","old_version":"0.21.1","new_version":"0.23.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/config-helpers","old_version":"0.4.2","new_version":"0.6.0","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/core","old_version":"0.17.0","new_version":"1.2.1","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/object-schema","old_version":"2.1.7","new_version":"3.0.5","repository_url":"https://github.com/eslint/rewrite"},{"name":"@eslint/plugin-kit","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/eslint/rewrite"},{"name":"@floating-ui/core","old_version":"1.7.3","new_version":"1.7.5","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@floating-ui/dom","old_version":"1.7.4","new_version":"1.7.6","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@floating-ui/react-dom","old_version":"2.1.6","new_version":"2.1.8","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@floating-ui/utils","old_version":"0.2.10","new_version":"0.2.11","repository_url":"https://github.com/floating-ui/floating-ui"},{"name":"@humanfs/core","old_version":"0.19.1","new_version":"0.19.2","repository_url":"https://github.com/humanwhocodes/humanfs"},{"name":"@humanfs/node","old_version":"0.16.7","new_version":"0.16.8","repository_url":"https://github.com/humanwhocodes/humanfs"},{"name":"@img/colour","old_version":"1.0.0","new_version":"1.1.0","repository_url":"https://github.com/lovell/colour"},{"name":"@napi-rs/wasm-runtime","old_version":"0.2.12","new_version":"1.1.5","repository_url":"https://github.com/napi-rs/napi-rs"},{"name":"@next/env","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/eslint-plugin-next","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-darwin-arm64","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-darwin-x64","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-arm64-gnu","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-arm64-musl","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-x64-gnu","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-linux-x64-musl","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-win32-arm64-msvc","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@next/swc-win32-x64-msvc","old_version":"16.1.1","new_version":"16.2.9","repository_url":"https://github.com/vercel/next.js"},{"name":"@radix-ui/number","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/primitive","old_version":"1.1.3","new_version":"1.1.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-arrow","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-collection","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-compose-refs","old_version":"1.1.2","new_version":"1.1.3","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-context","old_version":"1.1.2","new_version":"1.1.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-direction","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-dismissable-layer","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-focus-guards","old_version":"1.1.3","new_version":"1.1.4","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-focus-scope","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-id","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-menu","old_version":"2.1.16","new_version":"2.1.17","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-popper","old_version":"1.2.8","new_version":"1.3.0","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-portal","old_version":"1.1.9","new_version":"1.1.11","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-presence","old_version":"1.1.5","new_version":"1.1.6","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-primitive","old_version":"2.1.3","new_version":"2.1.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-roving-focus","old_version":"1.1.11","new_version":"1.1.12","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-callback-ref","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-controllable-state","old_version":"1.2.2","new_version":"1.2.3","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-effect-event","old_version":"0.0.2","new_version":"0.0.3","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-escape-keydown","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-is-hydrated","old_version":"0.1.0","new_version":"0.1.1","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-layout-effect","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-previous","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-rect","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-use-size","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/react-visually-hidden","old_version":"1.2.3","new_version":"1.2.5","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@radix-ui/rect","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/radix-ui/primitives"},{"name":"@tailwindcss/node","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-android-arm64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-darwin-arm64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-darwin-x64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-freebsd-x64","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-arm-gnueabihf","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-arm64-gnu","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-arm64-musl","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-x64-gnu","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-linux-x64-musl","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-wasm32-wasi","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-win32-arm64-msvc","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide-win32-x64-msvc","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tailwindcss/oxide","old_version":"4.1.18","new_version":"4.3.0","repository_url":"https://github.com/tailwindlabs/tailwindcss"},{"name":"@tanstack/query-core","old_version":"5.90.16","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@tanstack/query-devtools","old_version":"5.92.0","new_version":"5.101.0","repository_url":"https://github.com/TanStack/query"},{"name":"@tybys/wasm-util","old_version":"0.10.1","new_version":"0.10.2","repository_url":"https://github.com/toyobayashi/wasm-util"},{"name":"@types/estree","old_version":"1.0.8","new_version":"1.0.9","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@typescript-eslint/eslint-plugin","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/parser","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/project-service","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/scope-manager","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/tsconfig-utils","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/type-utils","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/types","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/typescript-estree","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/utils","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@typescript-eslint/visitor-keys","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"@unrs/resolver-binding-android-arm-eabi","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-android-arm64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-darwin-arm64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-darwin-x64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-freebsd-x64","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm-gnueabihf","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm-musleabihf","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-arm64-musl","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-ppc64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-riscv64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-riscv64-musl","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-s390x-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-x64-gnu","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-linux-x64-musl","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-wasm32-wasi","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-win32-arm64-msvc","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-win32-ia32-msvc","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"@unrs/resolver-binding-win32-x64-msvc","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"acorn","old_version":"8.15.0","new_version":"8.17.0","repository_url":"https://github.com/acornjs/acorn"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axe-core","old_version":"4.11.0","new_version":"4.12.1","repository_url":"https://github.com/dequelabs/axe-core"},{"name":"baseline-browser-mapping","old_version":"2.9.7","new_version":"2.10.36","repository_url":"https://github.com/web-platform-dx/baseline-browser-mapping"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"browserslist","old_version":"4.28.1","new_version":"4.28.2","repository_url":"https://github.com/browserslist/browserslist"},{"name":"call-bind","old_version":"1.0.8","new_version":"1.0.9","repository_url":"https://github.com/ljharb/call-bind"},{"name":"caniuse-lite","old_version":"1.0.30001760","new_version":"1.0.30001799","repository_url":"https://github.com/browserslist/caniuse-lite"},{"name":"electron-to-chromium","old_version":"1.5.267","new_version":"1.5.371","repository_url":"https://github.com/Kilian/electron-to-chromium"},{"name":"enhanced-resolve","old_version":"5.18.4","new_version":"5.24.0","repository_url":"https://github.com/webpack/enhanced-resolve"},{"name":"es-abstract","old_version":"1.24.1","new_version":"1.24.2","repository_url":"https://github.com/ljharb/es-abstract"},{"name":"es-iterator-helpers","old_version":"1.2.2","new_version":"1.3.3","repository_url":"https://github.com/es-shims/iterator-helpers"},{"name":"es-object-atoms","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/ljharb/es-object-atoms"},{"name":"eslint-import-resolver-node","old_version":"0.3.9","new_version":"0.3.10","repository_url":"https://github.com/import-js/eslint-plugin-import"},{"name":"eslint-module-utils","old_version":"2.12.1","new_version":"2.13.0","repository_url":"https://github.com/import-js/eslint-plugin-import"},{"name":"eslint-plugin-react-hooks","old_version":"7.0.1","new_version":"7.1.1","repository_url":"https://github.com/facebook/react"},{"name":"eslint-scope","old_version":"8.4.0","new_version":"9.1.2","repository_url":"https://github.com/eslint/js"},{"name":"espree","old_version":"10.4.0","new_version":"11.2.0","repository_url":"https://github.com/eslint/js"},{"name":"esquery","old_version":"1.6.0","new_version":"1.7.0","repository_url":"https://github.com/estools/esquery"},{"name":"fastq","old_version":"1.19.1","new_version":"1.20.1","repository_url":"https://github.com/mcollina/fastq"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"function.prototype.name","old_version":"1.1.8","new_version":"1.2.0","repository_url":"https://github.com/es-shims/Function.prototype.name"},{"name":"get-tsconfig","old_version":"4.13.0","new_version":"4.14.0","repository_url":"https://github.com/privatenumber/get-tsconfig"},{"name":"globals","old_version":"14.0.0","new_version":"16.4.0","repository_url":"https://github.com/sindresorhus/globals"},{"name":"hasown","old_version":"2.0.2","new_version":"2.0.4","repository_url":"https://github.com/inspect-js/hasOwn"},{"name":"is-core-module","old_version":"2.16.1","new_version":"2.16.2","repository_url":"https://github.com/inspect-js/is-core-module"},{"name":"jiti","old_version":"2.6.1","new_version":"2.7.0","repository_url":"https://github.com/unjs/jiti"},{"name":"lightningcss-android-arm64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-darwin-arm64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-darwin-x64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-freebsd-x64","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-arm-gnueabihf","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-arm64-gnu","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-arm64-musl","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-x64-gnu","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-linux-x64-musl","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-win32-arm64-msvc","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss-win32-x64-msvc","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"lightningcss","old_version":"1.30.2","new_version":"1.32.0","repository_url":"https://github.com/parcel-bundler/lightningcss"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"nanoid","old_version":"3.3.11","new_version":"3.3.12","repository_url":"https://github.com/ai/nanoid"},{"name":"node-releases","old_version":"2.0.27","new_version":"2.0.47","repository_url":"https://github.com/chicoxyzzy/node-releases"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"proxy-from-env","old_version":"1.1.0","new_version":"2.1.0","repository_url":"https://github.com/Rob--W/proxy-from-env"},{"name":"resolve","old_version":"1.22.11","new_version":"2.0.0-next.7","repository_url":"https://github.com/browserify/resolve"},{"name":"safe-array-concat","old_version":"1.1.3","new_version":"1.1.4","repository_url":"https://github.com/ljharb/safe-array-concat"},{"name":"side-channel-list","old_version":"1.0.0","new_version":"1.0.1","repository_url":"https://github.com/ljharb/side-channel-list"},{"name":"side-channel","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/ljharb/side-channel"},{"name":"string.prototype.trim","old_version":"1.2.10","new_version":"1.2.11","repository_url":"https://github.com/es-shims/String.prototype.trim"},{"name":"string.prototype.trimend","old_version":"1.0.9","new_version":"1.0.10","repository_url":"https://github.com/es-shims/String.prototype.trimEnd"},{"name":"tapable","old_version":"2.3.0","new_version":"2.3.3","repository_url":"https://github.com/webpack/tapable"},{"name":"tinyglobby","old_version":"0.2.15","new_version":"0.2.17","repository_url":"https://github.com/SuperchupuDev/tinyglobby"},{"name":"ts-api-utils","old_version":"2.1.0","new_version":"2.5.0","repository_url":"https://github.com/JoshuaKGoldberg/ts-api-utils"},{"name":"typed-array-length","old_version":"1.0.7","new_version":"1.0.8","repository_url":"https://github.com/inspect-js/typed-array-length"},{"name":"typescript-eslint","old_version":"8.49.0","new_version":"8.61.0","repository_url":"https://github.com/typescript-eslint/typescript-eslint"},{"name":"undici-types","old_version":"7.16.0","new_version":"7.24.6","repository_url":"https://github.com/nodejs/undici"},{"name":"unrs-resolver","old_version":"1.11.1","new_version":"1.12.2","repository_url":"https://github.com/unrs/unrs-resolver"},{"name":"update-browserslist-db","old_version":"1.2.2","new_version":"1.2.3","repository_url":"https://github.com/browserslist/update-db"},{"name":"which-typed-array","old_version":"1.1.19","new_version":"1.1.22","repository_url":"https://github.com/inspect-js/which-typed-array"}],"path":"/panel","ecosystem":"npm"},"body":"Bumps the dependencies group in /panel with 215 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |\n| [@radix-ui/react-alert-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/alert-dialog) | `1.1.15` | `1.1.16` |\n| [@radix-ui/react-avatar](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/avatar) | `1.1.11` | `1.1.12` |\n| [@radix-ui/react-checkbox](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/checkbox) | `1.3.3` | `1.3.4` |\n| [@radix-ui/react-collapsible](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/collapsible) | `1.1.12` | `1.1.13` |\n| [@radix-ui/react-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog) | `1.1.15` | `1.1.16` |\n| [@radix-ui/react-dropdown-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dropdown-menu) | `2.1.16` | `2.1.17` |\n| [@radix-ui/react-label](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/label) | `2.1.8` | `2.1.9` |\n| [@radix-ui/react-popover](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover) | `1.1.15` | `1.1.16` |\n| [@radix-ui/react-progress](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/progress) | `1.1.8` | `1.1.9` |\n| [@radix-ui/react-scroll-area](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/scroll-area) | `1.2.10` | `1.2.11` |\n| [@radix-ui/react-select](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/select) | `2.2.6` | `2.3.0` |\n| [@radix-ui/react-separator](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/separator) | `1.1.8` | `1.1.9` |\n| [@radix-ui/react-slot](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/slot) | `1.2.4` | `1.2.5` |\n| [@radix-ui/react-switch](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/switch) | `1.2.6` | `1.3.0` |\n| [@radix-ui/react-tabs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tabs) | `1.1.13` | `1.1.14` |\n| [@radix-ui/react-tooltip](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/tooltip) | `1.2.8` | `1.2.9` |\n| [@tailwindcss/typography](https://github.com/tailwindlabs/tailwindcss-typography) | `0.5.19` | `0.5.20` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.90.16` | `5.101.0` |\n| [axios](https://github.com/axios/axios) | `1.13.2` | `1.17.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.4.0` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.562.0` | `1.17.0` |\n| [next](https://github.com/vercel/next.js) | `16.1.1` | `16.2.9` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.3` | `19.2.7` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.8` | `19.2.17` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.3` | `19.2.7` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.71.0` | `7.78.0` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.3.5` | `4.4.3` |\n| [zustand](https://github.com/pmndrs/zustand) | `5.0.10` | `5.0.14` |\n| [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.1.18` | `4.3.0` |\n| [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools) | `5.91.2` | `5.101.0` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.0.8` | `25.9.3` |\n| [eslint](https://github.com/eslint/eslint) | `9.39.2` | `10.4.1` |\n| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.1.1` | `16.2.9` |\n| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.1.18` | `4.3.0` |\n| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |\n| [@babel/code-frame](https://github.com/babel/babel/tree/HEAD/packages/babel-code-frame) | `7.27.1` | `7.29.7` |\n| [@babel/compat-data](https://github.com/babel/babel/tree/HEAD/packages/babel-compat-data) | `7.28.5` | `7.29.7` |\n| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.28.5` | `7.29.7` |\n| [@babel/generator](https://github.com/babel/babel/tree/HEAD/packages/babel-generator) | `7.28.5` | `7.29.7` |\n| [@babel/helper-compilation-targets](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-compilation-targets) | `7.27.2` | `7.29.7` |\n| [@babel/helper-globals](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-globals) | `7.28.0` | `7.29.7` |\n| [@babel/helper-module-imports](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-module-imports) | `7.27.1` | `7.29.7` |\n| [@babel/helper-module-transforms](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-module-transforms) | `7.28.3` | `7.29.7` |\n| [@babel/helper-string-parser](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-string-parser) | `7.27.1` | `7.29.7` |\n| [@babel/helper-validator-identifier](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-validator-identifier) | `7.28.5` | `7.29.7` |\n| [@babel/helper-validator-option](https://github.com/babel/babel/tree/HEAD/packages/babel-helper-validator-option) | `7.27.1` | `7.29.7` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.28.4` | `7.29.7` |\n| [@babel/parser](https://github.com/babel/babel/tree/HEAD/packages/babel-parser) | `7.28.5` | `7.29.7` |\n| [@babel/template](https://github.com/babel/babel/tree/HEAD/packages/babel-template) | `7.27.2` | `7.29.7` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.28.5` | `7.29.7` |\n| [@babel/types](https://github.com/babel/babel/tree/HEAD/packages/babel-types) | `7.28.5` | `7.29.7` |\n| [@emnapi/core](https://github.com/toyobayashi/emnapi) | `1.7.1` | `1.10.0` |\n| [@emnapi/runtime](https://github.com/toyobayashi/emnapi) | `1.7.1` | `1.10.0` |\n| [@emnapi/wasi-threads](https://github.com/toyobayashi/emnapi) | `1.1.0` | `1.2.1` |\n| [@eslint-community/eslint-utils](https://github.com/eslint-community/eslint-utils) | `4.9.0` | `4.9.1` |\n| [@eslint/config-array](https://github.com/eslint/rewrite/tree/HEAD/packages/config-array) | `0.21.1` | `0.23.5` |\n| [@eslint/config-helpers](https://github.com/eslint/rewrite/tree/HEAD/packages/config-helpers) | `0.4.2` | `0.6.0` |\n| [@eslint/core](https://github.com/eslint/rewrite/tree/HEAD/packages/core) | `0.17.0` | `1.2.1` |\n| [@eslint/object-schema](https://github.com/eslint/rewrite/tree/HEAD/packages/object-schema) | `2.1.7` | `3.0.5` |\n| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.4.1` | `0.7.2` |\n| [@floating-ui/core](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/core) | `1.7.3` | `1.7.5` |\n| [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) | `1.7.4` | `1.7.6` |\n| [@floating-ui/react-dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/react-dom) | `2.1.6` | `2.1.8` |\n| [@floating-ui/utils](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/utils) | `0.2.10` | `0.2.11` |\n| [@humanfs/core](https://github.com/humanwhocodes/humanfs) | `0.19.1` | `0.19.2` |\n| [@humanfs/node](https://github.com/humanwhocodes/humanfs/tree/HEAD/packages/node) | `0.16.7` | `0.16.8` |\n| [@img/colour](https://github.com/lovell/colour) | `1.0.0` | `1.1.0` |\n| [@napi-rs/wasm-runtime](https://github.com/napi-rs/napi-rs/tree/HEAD/wasm-runtime) | `0.2.12` | `1.1.5` |\n| [@next/env](https://github.com/vercel/next.js/tree/HEAD/packages/next-env) | `16.1.1` | `16.2.9` |\n| [@next/eslint-plugin-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-plugin-next) | `16.1.1` | `16.2.9` |\n| [@next/swc-darwin-arm64](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/darwin-arm64) | `16.1.1` | `16.2.9` |\n| [@next/swc-darwin-x64](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/darwin-x64) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-arm64-gnu](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-arm64-gnu) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-arm64-musl](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-arm64-musl) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-x64-gnu](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-x64-gnu) | `16.1.1` | `16.2.9` |\n| [@next/swc-linux-x64-musl](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/linux-x64-musl) | `16.1.1` | `16.2.9` |\n| [@next/swc-win32-arm64-msvc](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/win32-arm64-msvc) | `16.1.1` | `16.2.9` |\n| [@next/swc-win32-x64-msvc](https://github.com/vercel/next.js/tree/HEAD/crates/next-napi-bindings/npm/win32-x64-msvc) | `16.1.1` | `16.2.9` |\n| [@radix-ui/number](https://github.com/radix-ui/primitives/tree/HEAD/packages/core/number) | `1.1.1` | `1.1.2` |\n| [@radix-ui/primitive](https://github.com/radix-ui/primitives/tree/HEAD/packages/core/primitive) | `1.1.3` | `1.1.4` |\n| [@radix-ui/react-arrow](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/arrow) | `1.1.7` | `1.1.9` |\n| [@radix-ui/react-collection](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/collection) | `1.1.7` | `1.1.9` |\n| [@radix-ui/react-compose-refs](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/compose-refs) | `1.1.2` | `1.1.3` |\n| [@radix-ui/react-context](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/context) | `1.1.2` | `1.1.4` |\n| [@radix-ui/react-direction](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/direction) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-dismissable-layer](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dismissable-layer) | `1.1.11` | `1.1.12` |\n| [@radix-ui/react-focus-guards](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/focus-guards) | `1.1.3` | `1.1.4` |\n| [@radix-ui/react-focus-scope](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/focus-scope) | `1.1.7` | `1.1.9` |\n| [@radix-ui/react-id](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/id) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-menu](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/menu) | `2.1.16` | `2.1.17` |\n| [@radix-ui/react-popper](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popper) | `1.2.8` | `1.3.0` |\n| [@radix-ui/react-portal](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/portal) | `1.1.9` | `1.1.11` |\n| [@radix-ui/react-presence](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/presence) | `1.1.5` | `1.1.6` |\n| [@radix-ui/react-primitive](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/primitive) | `2.1.3` | `2.1.5` |\n| [@radix-ui/react-roving-focus](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/roving-focus) | `1.1.11` | `1.1.12` |\n| [@radix-ui/react-use-callback-ref](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-callback-ref) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-controllable-state](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-controllable-state) | `1.2.2` | `1.2.3` |\n| [@radix-ui/react-use-effect-event](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-effect-event) | `0.0.2` | `0.0.3` |\n| [@radix-ui/react-use-escape-keydown](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-escape-keydown) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-is-hydrated](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-is-hydrated) | `0.1.0` | `0.1.1` |\n| [@radix-ui/react-use-layout-effect](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-layout-effect) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-previous](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-previous) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-rect](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-rect) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-use-size](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/use-size) | `1.1.1` | `1.1.2` |\n| [@radix-ui/react-visually-hidden](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/visually-hidden) | `1.2.3` | `1.2.5` |\n| [@radix-ui/rect](https://github.com/radix-ui/primitives/tree/HEAD/packages/core/rect) | `1.1.1` | `1.1.2` |\n| [@tailwindcss/node](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-node) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-android-arm64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/android-arm64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-darwin-arm64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/darwin-arm64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-darwin-x64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/darwin-x64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-freebsd-x64](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/freebsd-x64) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-arm-gnueabihf](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-arm-gnueabihf) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-arm64-gnu](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-arm64-gnu) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-arm64-musl](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-arm64-musl) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-x64-gnu](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-x64-gnu) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-linux-x64-musl](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/linux-x64-musl) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-wasm32-wasi](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-win32-arm64-msvc](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/win32-arm64-msvc) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide-win32-x64-msvc](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node/npm/win32-x64-msvc) | `4.1.18` | `4.3.0` |\n| [@tailwindcss/oxide](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/crates/node) | `4.1.18` | `4.3.0` |\n| [@tanstack/query-core](https://github.com/TanStack/query/tree/HEAD/packages/query-core) | `5.90.16` | `5.101.0` |\n| [@tanstack/query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/query-devtools) | `5.92.0` | `5.101.0` |\n| [@tybys/wasm-util](https://github.com/toyobayashi/wasm-util) | `0.10.1` | `0.10.2` |\n| [@types/estree](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/estree) | `1.0.8` | `1.0.9` |\n| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/project-service](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/project-service) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/scope-manager](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/scope-manager) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/tsconfig-utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/tsconfig-utils) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/type-utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/type-utils) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/types](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/types) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/typescript-estree](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-estree) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/utils](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/utils) | `8.49.0` | `8.61.0` |\n| [@typescript-eslint/visitor-keys](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/visitor-keys) | `8.49.0` | `8.61.0` |\n| [@unrs/resolver-binding-android-arm-eabi](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-android-arm64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-darwin-arm64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-darwin-x64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-freebsd-x64](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm-gnueabihf](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm-musleabihf](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-arm64-musl](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-ppc64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-riscv64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-riscv64-musl](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-s390x-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-x64-gnu](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-linux-x64-musl](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-wasm32-wasi](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-win32-arm64-msvc](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-win32-ia32-msvc](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [@unrs/resolver-binding-win32-x64-msvc](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [acorn](https://github.com/acornjs/acorn) | `8.15.0` | `8.17.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [axe-core](https://github.com/dequelabs/axe-core) | `4.11.0` | `4.12.1` |\n| [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) | `2.9.7` | `2.10.36` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.15` |\n| [browserslist](https://github.com/browserslist/browserslist) | `4.28.1` | `4.28.2` |\n| [call-bind](https://github.com/ljharb/call-bind) | `1.0.8` | `1.0.9` |\n| [caniuse-lite](https://github.com/browserslist/caniuse-lite) | `1.0.30001760` | `1.0.30001799` |\n| [electron-to-chromium](https://github.com/Kilian/electron-to-chromium) | `1.5.267` | `1.5.371` |\n| [enhanced-resolve](https://github.com/webpack/enhanced-resolve) | `5.18.4` | `5.24.0` |\n| [es-abstract](https://github.com/ljharb/es-abstract) | `1.24.1` | `1.24.2` |\n| [es-iterator-helpers](https://github.com/es-shims/iterator-helpers) | `1.2.2` | `1.3.3` |\n| [es-object-atoms](https://github.com/ljharb/es-object-atoms) | `1.1.1` | `1.1.2` |\n| [eslint-import-resolver-node](https://github.com/import-js/eslint-plugin-import/tree/HEAD/resolvers/node) | `0.3.9` | `0.3.10` |\n| [eslint-module-utils](https://github.com/import-js/eslint-plugin-import/tree/HEAD/utils) | `2.12.1` | `2.13.0` |\n| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.1` |\n| [eslint-scope](https://github.com/eslint/js/tree/HEAD/packages/eslint-scope) | `8.4.0` | `9.1.2` |\n| [espree](https://github.com/eslint/js/tree/HEAD/packages/espree) | `10.4.0` | `11.2.0` |\n| [esquery](https://github.com/estools/esquery) | `1.6.0` | `1.7.0` |\n| [fastq](https://github.com/mcollina/fastq) | `1.19.1` | `1.20.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [function.prototype.name](https://github.com/es-shims/Function.prototype.name) | `1.1.8` | `1.2.0` |\n| [get-tsconfig](https://github.com/privatenumber/get-tsconfig) | `4.13.0` | `4.14.0` |\n| [globals](https://github.com/sindresorhus/globals) | `14.0.0` | `16.4.0` |\n| [hasown](https://github.com/inspect-js/hasOwn) | `2.0.2` | `2.0.4` |\n| [is-core-module](https://github.com/inspect-js/is-core-module) | `2.16.1` | `2.16.2` |\n| [jiti](https://github.com/unjs/jiti) | `2.6.1` | `2.7.0` |\n| [lightningcss-android-arm64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-darwin-arm64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-darwin-x64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-freebsd-x64](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-arm-gnueabihf](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-arm64-gnu](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-arm64-musl](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-x64-gnu](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-linux-x64-musl](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-win32-arm64-msvc](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss-win32-x64-msvc](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [lightningcss](https://github.com/parcel-bundler/lightningcss) | `1.30.2` | `1.32.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.11` | `3.3.12` |\n| [node-releases](https://github.com/chicoxyzzy/node-releases) | `2.0.27` | `2.0.47` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [proxy-from-env](https://github.com/Rob--W/proxy-from-env) | `1.1.0` | `2.1.0` |\n| [resolve](https://github.com/browserify/resolve) | `1.22.11` | `2.0.0-next.7` |\n| [safe-array-concat](https://github.com/ljharb/safe-array-concat) | `1.1.3` | `1.1.4` |\n| [side-channel-list](https://github.com/ljharb/side-channel-list) | `1.0.0` | `1.0.1` |\n| [side-channel](https://github.com/ljharb/side-channel) | `1.1.0` | `1.1.1` |\n| [string.prototype.trim](https://github.com/es-shims/String.prototype.trim) | `1.2.10` | `1.2.11` |\n| [string.prototype.trimend](https://github.com/es-shims/String.prototype.trimEnd) | `1.0.9` | `1.0.10` |\n| [tapable](https://github.com/webpack/tapable) | `2.3.0` | `2.3.3` |\n| [tinyglobby](https://github.com/SuperchupuDev/tinyglobby) | `0.2.15` | `0.2.17` |\n| [ts-api-utils](https://github.com/JoshuaKGoldberg/ts-api-utils) | `2.1.0` | `2.5.0` |\n| [typed-array-length](https://github.com/inspect-js/typed-array-length) | `1.0.7` | `1.0.8` |\n| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.49.0` | `8.61.0` |\n| [undici-types](https://github.com/nodejs/undici) | `7.16.0` | `7.24.6` |\n| [unrs-resolver](https://github.com/unrs/unrs-resolver) | `1.11.1` | `1.12.2` |\n| [update-browserslist-db](https://github.com/browserslist/update-db) | `1.2.2` | `1.2.3` |\n| [which-typed-array](https://github.com/inspect-js/which-typed-array) | `1.1.19` | `1.1.22` |\n\nUpdates `@hookform/resolvers` from 5.2.2 to 5.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/resolvers/releases\"\u003e@​hookform/resolvers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.3.0...v5.4.0\"\u003e5.4.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eadd guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)  (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e3d29924\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e\u003ccode\u003e3d29924\u003c/code\u003e\u003c/a\u003e feat: add guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/56b68f3798612601190a533887847d8fef2c94af\"\u003e\u003ccode\u003e56b68f3\u003c/code\u003e\u003c/a\u003e feat: 5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/cf8562d88ce3a1658676b2ef996347f29e05b3ee\"\u003e\u003ccode\u003ecf8562d\u003c/code\u003e\u003c/a\u003e update readme on ata-validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/5e5b6103692fa599ddacca39a03bf707e73a5012\"\u003e\u003ccode\u003e5e5b610\u003c/code\u003e\u003c/a\u003e fix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/72aacf8604d697a29a1859f8bffccf18adb86add\"\u003e\u003ccode\u003e72aacf8\u003c/code\u003e\u003c/a\u003e Revise supported versions in SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/ad89a20d869f2dc21b905168c5578b3522c01b64\"\u003e\u003ccode\u003ead89a20\u003c/code\u003e\u003c/a\u003e feat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/02286db88310fd23e1de61ad880c23e210801813\"\u003e\u003ccode\u003e02286db\u003c/code\u003e\u003c/a\u003e ci: updated publish workflow to use node 24 (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2e9bc7c7d02506d336e20d8c0bae0c479f3662ec\"\u003e\u003ccode\u003e2e9bc7c\u003c/code\u003e\u003c/a\u003e Fix(zodResolver): error paths in complex unions \u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/787\"\u003e#787\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.2...v5.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-alert-dialog` from 1.1.15 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/alert-dialog/CHANGELOG.md\"\u003e@​radix-ui/react-alert-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-dialog@1.1.16\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/alert-dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-alert-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-avatar` from 1.1.11 to 1.1.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/avatar/CHANGELOG.md\"\u003e@​radix-ui/react-avatar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-is-hydrated@0.1.1\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/avatar\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-avatar\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-checkbox` from 1.3.3 to 1.3.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/checkbox/CHANGELOG.md\"\u003e@​radix-ui/react-checkbox's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/checkbox\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-checkbox\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-collapsible` from 1.1.12 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/collapsible/CHANGELOG.md\"\u003e@​radix-ui/react-collapsible's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/collapsible\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-collapsible\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dialog` from 1.1.15 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md\"\u003e@​radix-ui/react-dialog's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed disabled pointer events in closed dialogs\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dialog\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-dropdown-menu` from 2.1.16 to 2.1.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/dropdown-menu/CHANGELOG.md\"\u003e@​radix-ui/react-dropdown-menu's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-menu@2.1.17\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dropdown-menu\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-dropdown-menu\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-label` from 2.1.8 to 2.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/label/CHANGELOG.md\"\u003e@​radix-ui/react-label's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/label\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-label\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-popover` from 1.1.15 to 1.1.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/popover/CHANGELOG.md\"\u003e@​radix-ui/react-popover's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/popover\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-popover\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-progress` from 1.1.8 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/progress/CHANGELOG.md\"\u003e@​radix-ui/react-progress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/progress\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-progress\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-scroll-area` from 1.2.10 to 1.2.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/scroll-area/CHANGELOG.md\"\u003e@​radix-ui/react-scroll-area's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed missing \u003ccode\u003edata-state\u003c/code\u003e attribute for Scroll Area scrollbars\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/scroll-area\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-scroll-area\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-select` from 2.2.6 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/select/CHANGELOG.md\"\u003e@​radix-ui/react-select's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eProvider\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Select. \u003ccode\u003eSelect.unstable_Provider\u003c/code\u003e sets up Select's context and state without implicitly rendering the hidden native \u003ccode\u003eselect\u003c/code\u003e, and \u003ccode\u003eSelect.unstable_BubbleInput\u003c/code\u003e exposes that previously internal native \u003ccode\u003eselect\u003c/code\u003e so consumers can recompose it explicitly. \u003ccode\u003eSelect\u003c/code\u003e continues to render both by default.\u003c/li\u003e\n\u003cli\u003eAdded support for presence-based exit animations in Select\u003c/li\u003e\n\u003cli\u003eFixed Select hidden input so it submits empty string when no value is selected\u003c/li\u003e\n\u003cli\u003eFixed placeholder rendering when a controlled Select is reset to an empty value\u003c/li\u003e\n\u003cli\u003eAdded missing \u003ccode\u003e__selectScope\u003c/code\u003e prop to \u003ccode\u003ePopperContent\u003c/code\u003e component\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelect\u003c/code\u003e closing unexpectedly after touch-scrolling its content when rendered inside an open shadow DOM\u003c/li\u003e\n\u003cli\u003eFixed a bug where iOS text selection and editing on HTML inputs within \u003ccode\u003ereact-dialog\u003c/code\u003e were broken\u003c/li\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eSelectValue\u003c/code\u003e logging invalid prop errors when used with both \u003ccode\u003easChild\u003c/code\u003e and a placeholder\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-guards@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-collection@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/number@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-focus-scope@1.1.9\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-callback-ref@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-layout-effect@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/select\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-select\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-separator` from 1.1.8 to 1.1.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/separator/CHANGELOG.md\"\u003e@​radix-ui/react-separator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/separator\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-separator\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-slot` from 1.2.4 to 1.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/slot/CHANGELOG.md\"\u003e@​radix-ui/react-slot's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed infinite re-render loop in React 19 caused by \u003ccode\u003eSlot\u003c/code\u003e creating a new ref callback on every render\u003c/li\u003e\n\u003cli\u003eAdded support for nested \u003ccode\u003eSlottable\u003c/code\u003e via a render prop, so a slotted element can be wrapped while still merging Slot props and refs onto it\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eImproved error messages for invalid slot children\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/slot\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-slot\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-switch` from 1.2.6 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/switch/CHANGELOG.md\"\u003e@​radix-ui/react-switch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded unstable \u003ccode\u003eProvider\u003c/code\u003e, \u003ccode\u003eTrigger\u003c/code\u003e and \u003ccode\u003eBubbleInput\u003c/code\u003e parts to Switch. These expose the previously internal composition (context provider, the interactive control, and the hidden form input) so consumers can directly access and recompose them. The \u003ccode\u003eSwitch\u003c/code\u003e component continues to render them by default.\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-previous@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-size@1.1.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/switch\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-switch\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-tabs` from 1.1.13 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/tabs/CHANGELOG.md\"\u003e@​radix-ui/react-tabs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed triggers referencing a non-existent element via \u003ccode\u003earia-controls\u003c/code\u003e when their content is removed from the DOM (credit to \u003ca href=\"https://github.com/dodomorandi\"\u003e\u003ccode\u003e@​dodomorandi\u003c/code\u003e\u003c/a\u003e for the \u003ca href=\"https://redirect.github.com/radix-ui/primitives/pull/3243\"\u003eoriginal PR\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-direction@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-roving-focus@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tabs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-tabs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@radix-ui/react-tooltip` from 1.2.8 to 1.2.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/radix-ui/primitives/blob/main/packages/react/tooltip/CHANGELOG.md\"\u003e@​radix-ui/react-tooltip's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed runtime error when event target is non-Node\u003c/li\u003e\n\u003cli\u003eFixed a Tooltip bug so that \u003ccode\u003eskipDelayDuration={0}\u003c/code\u003e works as expected. Previously, the open delay could still be skipped when moving between triggers.\u003c/li\u003e\n\u003cli\u003eAdded repository.directory to all package.json files\u003c/li\u003e\n\u003cli\u003eUpdated dependencies: \u003ccode\u003e@radix-ui/react-presence@1.1.6\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-popper@1.3.0\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-slot@1.2.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-dismissable-layer@1.1.12\u003c/code\u003e, \u003ccode\u003e@radix-ui/primitive@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-compose-refs@1.1.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-context@1.1.4\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-id@1.1.2\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-portal@1.1.11\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-primitive@2.1.5\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-use-controllable-state@1.2.3\u003c/code\u003e, \u003ccode\u003e@radix-ui/react-visually-hidden@1.2.5\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/radix-ui/primitives/commits/HEAD/packages/react/tooltip\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​radix-ui/react-tooltip\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tailwindcss/typography` from 0.5.19 to 0.5.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/releases\"\u003e@​tailwindcss/typography's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.20\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport installing with stable versions of Tailwind CSS v4 (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/pull/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/blob/main/CHANGELOG.md\"\u003e@​tailwindcss/typography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[0.5.20] - 2026-06-08\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport installing with stable versions of Tailwind CSS v4 (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/pull/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/e3714a3fe55551ce9d51eec4721183ed6b1d5cd1\"\u003e\u003ccode\u003ee3714a3\u003c/code\u003e\u003c/a\u003e 0.5.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/f34283d2961e18dd0dc2a849702e0dfd45fc80cb\"\u003e\u003ccode\u003ef34283d\u003c/code\u003e\u003c/a\u003e Update tailwindcss peer dependency version (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/424\"\u003e#424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/543de4274390e90c4aab5d216729b46a3ba5541b\"\u003e\u003ccode\u003e543de42\u003c/code\u003e\u003c/a\u003e bump Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/881b0488df9fd05e5361276b66a9ee8e7f39a3a7\"\u003e\u003ccode\u003e881b048\u003c/code\u003e\u003c/a\u003e Setup OIDC (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/74a3da779bb43e4e68f446395224c768704c1fb6\"\u003e\u003ccode\u003e74a3da7\u003c/code\u003e\u003c/a\u003e Fix typo in README.md (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/413\"\u003e#413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/3963dfede4845f46451db1863fd5321f4cdea03b\"\u003e\u003ccode\u003e3963dfe\u003c/code\u003e\u003c/a\u003e Bump js-yaml from 3.14.1 to 3.14.2 (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/410\"\u003e#410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/commit/abf85cc6e1b4f9b914b0f66453e5a97a9899a15c\"\u003e\u003ccode\u003eabf85cc\u003c/code\u003e\u003c/a\u003e className instead of classname (\u003ca href=\"https://redirect.github.com/tailwindlabs/tailwindcss-typography/issues/406\"\u003e#406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tailwindlabs/tailwindcss-typography/compare/v0.5.19...v0.5.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tailwindcss/typography\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/react-query` from 5.90.16 to 5.101.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/3042860e3c8731c94ca4dec0e277e415d0484fce\"\u003e\u003ccode\u003e3042860\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/TanStack/query/commit/e631dc3fa17bff71f413246b7a770a730016d346\"\u003e\u003ccode\u003ee631dc3\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10857\"\u003e#10857\u003c/a\u003e \u003ca href=\"https://github.com/TanStack/query/commit/7cf5923308fb91f3eff0fe952d8c64676e2bdad7\"\u003e\u003ccode\u003e7cf5923\u003c/code\u003e\u003c/a\u003e - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.101.0\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.101.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.11\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.10\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/fcee7bdc429385ae8ffa224fa8a7a9ec7b8ee380\"\u003e\u003ccode\u003efcee7bd\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a\"\u003e\u003ccode\u003ef3d8d2a\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10774\"\u003e#10774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324\"\u003e\u003ccode\u003e532bb29\u003c/code\u003e\u003c/a\u003e fix(tests): disable local coverage instrumentation (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10776\"\u003e#10776\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ba6e7beebd50143408f01fcf5d9aee2ec1486f60\"\u003e\u003ccode\u003eba6e7be\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e fix(react): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/05cf2bc0a4eae64959dc8a40152e2878190c971b\"\u003e\u003ccode\u003e05cf2bc\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10758\"\u003e#10758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e fix(query-core): use built-in NoInfer for generic indexed-access types (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10593\"\u003e#10593\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/5ff4f6936bb66a64267eb4413430f956eecf7248\"\u003e\u003ccode\u003e5ff4f69\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10755\"\u003e#10755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/3e85350749751eef055fffb65f6838dfafa74891\"\u003e\u003ccode\u003e3e85350\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10706\"\u003e#10706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/9d2692cec4d538c2f96489027ba546f11638dfb1\"\u003e\u003ccode\u003e9d2692c\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10695\"\u003e#10695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/74fa05eb1b16f40ea7068afd0e5e082687d22338\"\u003e\u003ccode\u003e74fa05e\u003c/code\u003e\u003c/a\u003e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.2 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0 — June 1, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eConfig Hardening:\u003c/strong\u003e Guarded \u003ccode\u003esocketPath\u003c/code\u003e, \u003ccode\u003eparams\u003c/code\u003e, and \u003ccode\u003eparamsSerializer\u003c/code\u003e reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10901\"\u003e#10901\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10922\"\u003e#10922\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRelease Publishing:\u003c/strong\u003e Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10926\"\u003e#10926\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP Compression:\u003c/strong\u003e Added Node HTTP adapter support for zstd response decompression, with \u003ccode\u003etransitional.advertiseZstdAcceptEncoding\u003c/code\u003e controlling whether \u003ccode\u003ezstd\u003c/code\u003e is advertised in \u003ccode\u003eAccept-Encoding\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/6792\"\u003e#6792\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10920\"\u003e#10920\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eAuthentication Handling:\u003c/strong\u003e Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10929\"\u003e#10929\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10896\"\u003e#10896\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy TLS:\u003c/strong\u003e Preserved user \u003ccode\u003ehttpsAgent\u003c/code\u003e TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10957\"\u003e#10957\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native FormData:\u003c/strong\u003e Cleared default \u003ccode\u003eContent-Type\u003c/code\u003e for React Native \u003ccode\u003eFormData\u003c/code\u003e so multipart boundaries can be generated correctly. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10898\"\u003e#10898\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10875\"\u003e#10875\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cl...\n\n_Description has been truncated_","html_url":"https://github.com/rennf93/roboco/pull/118","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rennf93%2Froboco/issues/118","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/118/packages"}},{"old_version":"8.17.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-11T15:32:56.000Z","version_change":"8.17.1 → 8.18.0","issue":{"uuid":"4641959790","node_id":"PR_kwDOQBu2287lYxPv","number":13,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-06-14T02:39:15.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-11T15:32:56.000Z","updated_at":"2026-06-14T02:39:17.000Z","time_to_close":212779,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"simple-git","old_version":"3.28.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"glob","old_version":"10.4.5","new_version":"13.0.6","repository_url":"https://github.com/isaacs/node-glob"},{"name":"glob","old_version":"11.0.3","new_version":"11.1.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"vitest","old_version":"3.2.4","new_version":"4.1.8","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"tar","old_version":"7.5.1","new_version":"7.5.16","repository_url":"https://github.com/isaacs/node-tar"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"@modelcontextprotocol/sdk","old_version":"1.15.1","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"shell-quote","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/ljharb/shell-quote"},{"name":"undici","old_version":"7.15.0","new_version":"7.27.2","repository_url":"https://github.com/nodejs/undici"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.0.6","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"ws","old_version":"8.18.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"fast-xml-parser","old_version":"4.5.3","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"jws","old_version":"4.0.0","new_version":"4.0.1","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"tmp","old_version":"0.2.5","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 19 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.36.0` |\n| [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `13.0.6` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.3` | `11.1.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `4.1.8` |\n| [tar](https://github.com/isaacs/node-tar) | `7.5.1` | `7.5.16` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.15.1` | `1.29.0` |\n| [diff](https://github.com/kpdecker/jsdiff) | `7.0.0` | `9.0.0` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` |\n| [undici](https://github.com/nodejs/undici) | `7.15.0` | `7.27.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.6` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.20.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.3` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.5` | `0.2.7` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/core directory: [diff](https://github.com/kpdecker/jsdiff).\n\nUpdates `simple-git` from 3.28.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.35.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e3d8708b: Updating publish config\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [3d8708b]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.34.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7dc1a532a9ec92fb08c93202954be73175b07d83\"\u003e\u003ccode\u003e7dc1a53\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/76f5376bd418cb8baf5ec32757af442d47128e22\"\u003e\u003ccode\u003e76f5376\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1061\"\u003e#1061\u003c/a\u003e from Vinzent03/fix/buffer-import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/89a2294febed5dfe737c4c735d936bb6018746a8\"\u003e\u003ccode\u003e89a2294\u003c/code\u003e\u003c/a\u003e Environment Parsing (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1156\"\u003e#1156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/1b91b762f047777ca6686f34ac3f7b8a543a4780\"\u003e\u003ccode\u003e1b91b76\u003c/code\u003e\u003c/a\u003e fix: remove explicit node:buffer import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e390685960a3461875dce89d87ab80e3143d79fe\"\u003e\u003ccode\u003ee390685\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/3c9e4b8309667d0cb4102cda770f92075fc781dd\"\u003e\u003ccode\u003e3c9e4b8\u003c/code\u003e\u003c/a\u003e Pin version of \u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/94ee21fd5a2a6182fbf0f218a5efca2057b567cd\"\u003e\u003ccode\u003e94ee21f\u003c/code\u003e\u003c/a\u003e Export \u003ccode\u003epathspec\u003c/code\u003e types through \u003ccode\u003esimple-git\u003c/code\u003e for backward compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/6d7cb5174273aa33d131172d3770cb386e795171\"\u003e\u003ccode\u003e6d7cb51\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/0de400e7b014a48113acf673b3409a95b9c87a15\"\u003e\u003ccode\u003e0de400e\u003c/code\u003e\u003c/a\u003e Switch to semver from workspace revisions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/2264722abcb637042dd4cc50d903d69e4ee14b38\"\u003e\u003ccode\u003e2264722\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.4.5 to 13.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.3 to 11.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/e80cb38ae60d6cbff9e75f39032a994858994d35\"\u003e\u003ccode\u003ee80cb38\u003c/code\u003e\u003c/a\u003e 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/9cdbbfff75c64fb158c8842d4d0eb3e908676a41\"\u003e\u003ccode\u003e9cdbbff\u003c/code\u003e\u003c/a\u003e revert tsgo, not ready for test coverage correctness yet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/89c99ba8e276438b8e31ce878b63186e2cd375b4\"\u003e\u003ccode\u003e89c99ba\u003c/code\u003e\u003c/a\u003e use tsgo compiler\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/b7275d54f294174607f544acf07cc7ec526b7878\"\u003e\u003ccode\u003eb7275d5\u003c/code\u003e\u003c/a\u003e update deps, expand engines to include node 18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/942e360a669e0c378c0abd261e7d329ca2cee661\"\u003e\u003ccode\u003e942e360\u003c/code\u003e\u003c/a\u003e update workflows, pull taprc out of package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/4a0d53c7531f3f0df97f9e4d26c78489e7f6d7ef\"\u003e\u003ccode\u003e4a0d53c\u003c/code\u003e\u003c/a\u003e update tap for mockImport bugfix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/ef94ad2696c12129628208cf4e38575e7240c1c4\"\u003e\u003ccode\u003eef94ad2\u003c/code\u003e\u003c/a\u003e update tap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/180c2d43cb135f134c0c5446408dc107c79a5a9b\"\u003e\u003ccode\u003e180c2d4\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/37993c86faddcb780458b2d7ae3c2ead7a84bf31\"\u003e\u003ccode\u003e37993c8\u003c/code\u003e\u003c/a\u003e remove stray console.error in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/03ae4c244cac6331817158b0bc12effd30deeb43\"\u003e\u003ccode\u003e03ae4c2\u003c/code\u003e\u003c/a\u003e 13.0.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.4.5...v13.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 4.1.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.8\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e:\n\u003cul\u003e\n\u003cli\u003eDisable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v4]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10450\"\u003evitest-dev/vitest#10450\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b1\"\u003e\u003c!-- raw HTML omitted --\u003e(e4067)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by \u003ca href=\"https://github.com/toxik\"\u003e\u003ccode\u003e@​toxik\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/Zelys-DFKH\"\u003e\u003ccode\u003e@​Zelys-DFKH\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10474\"\u003evitest-dev/vitest#10474\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/675b4343f\"\u003e\u003c!-- raw HTML omitted --\u003e(675b4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner\u003c/strong\u003e: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10384\"\u003evitest-dev/vitest#10384\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/4f0f2a1ee\"\u003e\u003c!-- raw HTML omitted --\u003e(4f0f2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.6...v4.1.7\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e  -  by \u003ca href=\"https://github.com/macarie\"\u003e\u003ccode\u003e@​macarie\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10138\"\u003evitest-dev/vitest#10138\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607c\"\u003e\u003c!-- raw HTML omitted --\u003e(31882)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGlobal \u003ccode\u003esequence.concurrent: true\u003c/code\u003e with top-level \u003ccode\u003etest(..., { concurrent: false })\u003c/code\u003e + depreacte \u003ccode\u003esequential\u003c/code\u003e test API and options  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003eCodex\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10196\"\u003evitest-dev/vitest#10196\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/2847dfa2a\"\u003e\u003c!-- raw HTML omitted --\u003e(2847d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Simplify orchestrator otel carrier  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10285\"\u003evitest-dev/vitest#10285\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee\"\u003e\u003c!-- raw HTML omitted --\u003e(18af9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🏎 Performance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStringify diff objects only once  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10276\"\u003evitest-dev/vitest#10276\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9f7b1528c\"\u003e\u003c!-- raw HTML omitted --\u003e(9f7b1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Experimental Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Istanbul to support \u003ccode\u003einstrumenter\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/BartWaardenburg\"\u003e\u003ccode\u003e@​BartWaardenburg\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10119\"\u003evitest-dev/vitest#10119\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/0e0ff41c7\"\u003e\u003c!-- raw HTML omitted --\u003e(0e0ff)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e--project negation excludes browser instances  -  by \u003ca href=\"https://github.com/felamaslen\"\u003e\u003ccode\u003e@​felamaslen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10131\"\u003evitest-dev/vitest#10131\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9423dc084\"\u003e\u003c!-- raw HTML omitted --\u003e(9423d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProject color label on html reporter  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10142\"\u003evitest-dev/vitest#10142\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/596f73986\"\u003e\u003c!-- raw HTML omitted --\u003e(596f7)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003evi.defineHelper\u003c/code\u003e called as object method  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10163\"\u003evitest-dev/vitest#10163\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/122c25b5b\"\u003e\u003c!-- raw HTML omitted --\u003e(122c2)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlias \u003ccode\u003eagent\u003c/code\u003e reporter to \u003ccode\u003eminimal\u003c/code\u003e  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10157\"\u003evitest-dev/vitest#10157\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/663b99fe3\"\u003e\u003c!-- raw HTML omitted --\u003e(663b9)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions  -  by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e, \u003cstrong\u003esheremet-va\u003c/strong\u003e and \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedad\"\u003e\u003c!-- raw HTML omitted --\u003e(9787d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect diff config options in soft assertions \u0026quot;  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/8696\"\u003evitest-dev/vitest#8696\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd\"\u003e\u003c!-- raw HTML omitted --\u003e(7dc6d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003east-collect\u003c/strong\u003e: Recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery  -  by \u003ca href=\"https://github.com/Yejneshwar\"\u003e\u003ccode\u003e@​Yejneshwar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10129\"\u003evitest-dev/vitest#10129\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab2\"\u003e\u003c!-- raw HTML omitted --\u003e(32546)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecoverage\u003c/strong\u003e: Descriptive error message when reports directory is removed during test run  -  by \u003ca href=\"https://github.com/DaveT1991\"\u003e\u003ccode\u003e@​DaveT1991\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/AriPerkkio\"\u003e\u003ccode\u003e@​AriPerkkio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10117\"\u003evitest-dev/vitest#10117\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/1413382e1\"\u003e\u003c!-- raw HTML omitted --\u003e(14133)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esnapshot\u003c/strong\u003e: Increase default snapshot max output length  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10150\"\u003evitest-dev/vitest#10150\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/21e66ff63\"\u003e\u003c!-- raw HTML omitted --\u003e(21e66)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eui\u003c/strong\u003e: Fix jsx/tsx syntax highlight  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10152\"\u003evitest-dev/vitest#10152\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/f1b1f6c7b\"\u003e\u003c!-- raw HTML omitted --\u003e(f1b1f)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eweb-worker\u003c/strong\u003e: Support MessagePort objects referenced inside postMessage data  -  by \u003ca href=\"https://github.com/whitphx\"\u003e\u003ccode\u003e@​whitphx\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eClaude Opus 4.6 (1M context)\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/9927\"\u003evitest-dev/vitest#9927\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10124\"\u003evitest-dev/vitest#10124\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/7ad7d39af\"\u003e\u003c!-- raw HTML omitted --\u003e(7ad7d)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Make test-specification options writable  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10154\"\u003evitest-dev/vitest#10154\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/6abd557b7\"\u003e\u003c!-- raw HTML omitted --\u003e(6abd5)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f\"\u003e\u003ccode\u003ee61f2dd\u003c/code\u003e\u003c/a\u003e chore: release v4.1.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9\"\u003e\u003ccode\u003ee4067b3\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a09d47236e19fd3151351080c667036ca6164dc4\"\u003e\u003ccode\u003ea09d472\u003c/code\u003e\u003c/a\u003e chore: release v4.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/a8fd24c1cad2320b19fcc651413c7d928423bdc1\"\u003e\u003ccode\u003ea8fd24c\u003c/code\u003e\u003c/a\u003e chore: release v4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/18af98cee1830604d57f6a02bf28f8067cdffc06\"\u003e\u003ccode\u003e18af98c\u003c/code\u003e\u003c/a\u003e fix(browser): simplify orchestrator otel carrier (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10285\"\u003e#10285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/31882607cc67c7bf52ead13a606321ffdb06a857\"\u003e\u003ccode\u003e3188260\u003c/code\u003e\u003c/a\u003e feat(browser): provide project reference in \u003ccode\u003eToMatchScreenshotResolvePath\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9\"\u003e\u003ccode\u003ee399846\u003c/code\u003e\u003c/a\u003e chore: release v4.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7\"\u003e\u003ccode\u003e7dc6d54\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7\"\u003e\u003ccode\u003e9787ded\u003c/code\u003e\u003c/a\u003e fix: respect diff config options in soft assertions (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696\"\u003e#8696\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c\"\u003e\u003ccode\u003e325463a\u003c/code\u003e\u003c/a\u003e fix(ast-collect): recognize _\u003cem\u003evi_import\u003c/em\u003e prefix in static test discovery (\u003ca href=\"https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.5.1 to 7.5.16\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/cf213384ac558b539c07c830ed7cca5ffc9e8550\"\u003e\u003ccode\u003ecf21338\u003c/code\u003e\u003c/a\u003e 7.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/21a822027658c8063542be330530bbecdf0dbbfe\"\u003e\u003ccode\u003e21a8220\u003c/code\u003e\u003c/a\u003e do not apply PAX header fields to meta entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/52632cf38fdbdbbc7ab86184d68a85b11fdb0970\"\u003e\u003ccode\u003e52632cf\u003c/code\u003e\u003c/a\u003e update project deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/302f51ff3f8eefeccc06be4caf7d0de9b7c321d7\"\u003e\u003ccode\u003e302f51f\u003c/code\u003e\u003c/a\u003e fix inconsequential typo in PENDINGLINKS symbol name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/55dbb99b27640bb12b2ac059b26883c23523b3e3\"\u003e\u003ccode\u003e55dbb99\u003c/code\u003e\u003c/a\u003e remove some uses of mutate-fs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/87cc309f13c21d598b0b833235d387a252455058\"\u003e\u003ccode\u003e87cc309\u003c/code\u003e\u003c/a\u003e 7.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7aef486f0d21c10fd7790b16b1b28f04648cf334\"\u003e\u003ccode\u003e7aef486\u003c/code\u003e\u003c/a\u003e fix: regression in pending links detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6244eb33846bbd407443f5d0e339bd8c91663cd6\"\u003e\u003ccode\u003e6244eb3\u003c/code\u003e\u003c/a\u003e 7.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/9704d8c6f639573775133cbbd541aba83cb46c9c\"\u003e\u003ccode\u003e9704d8c\u003c/code\u003e\u003c/a\u003e stricter protection against hardlinks preempting their targets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/700734f9aeb113bcc5f1400d81b8be7d499e54a2\"\u003e\u003ccode\u003e700734f\u003c/code\u003e\u003c/a\u003e update workflows and deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.5.1...v7.5.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.15.1 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e@​modelcontextprotocol/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.29.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1820\"\u003emodelcontextprotocol/typescript-sdk#1820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e12cbd7078db388152f6e839abdbe09ba01f3f32\"\u003e\u003ccode\u003ee12cbd7\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.29.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1820\"\u003e#1820\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/3913fd4443a86536155e3ebef9edd2045c372c1e\"\u003e\u003ccode\u003e3913fd4\u003c/code\u003e\u003c/a\u003e fix(stdio): always set windowsHide on Windows, not just in Electron (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1640\"\u003e#1640\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5608e78dd0d4ca6cd7dd03278419578f1780365a\"\u003e\u003ccode\u003e5608e78\u003c/code\u003e\u003c/a\u003e [v1.x backport] Allow servers / clients to advertise extensions in the capabi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/7213816788e634ffb9d09affe50f0295093bfb73\"\u003e\u003ccode\u003e7213816\u003c/code\u003e\u003c/a\u003e v1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/364f38ca2d8895aed7c37b7a0a1031bb7ae4841c\"\u003e\u003ccode\u003e364f38c\u003c/code\u003e\u003c/a\u003e v1.x npm audit fix (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1780\"\u003e#1780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c95cc0943b045517e4cc414baf1f168b216c3142\"\u003e\u003ccode\u003ec95cc09\u003c/code\u003e\u003c/a\u003e Add typings exports (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/ddadaa6cc633fb5db0c094bf031b15b68a357820\"\u003e\u003ccode\u003eddadaa6\u003c/code\u003e\u003c/a\u003e [v1.x] fix: add missing size field to ResourceSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1575\"\u003e#1575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2a158513028d9f862c4188b6957e78cd5663f26b\"\u003e\u003ccode\u003e2a15851\u003c/code\u003e\u003c/a\u003e [v1.x] fix: disallow null (infinite) requested TTL (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1339\"\u003e#1339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/13e30f1d36de8442417fec695983bdb155c00768\"\u003e\u003ccode\u003e13e30f1\u003c/code\u003e\u003c/a\u003e fix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.15.1...v1.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/6fc2aa6b7672af08774b50aae00d97b99c5b5715\"\u003e\u003ccode\u003e6fc2aa6\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/af7393ac3404565dc8da655c2e7aeeed28c01ff7\"\u003e\u003ccode\u003eaf7393a\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4b5d1800370bf29b61a3378fb8086aeb231d3ef7\"\u003e\u003ccode\u003e4b5d180\u003c/code\u003e\u003c/a\u003e Fix another bug in diffWords's \u0026quot;intlSegmenter\u0026quot; mode (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/10da50c466709e7bd4b192dac96af0af46f8b7bd\"\u003e\u003ccode\u003e10da50c\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/666\"\u003e#666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/7.0.0...v9.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `shell-quote` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md\"\u003eshell-quote's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/compare/v1.8.3...v1.8.4\"\u003ev1.8.4\u003c/a\u003e - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003equote\u003c/code\u003e: validate object-token shapes \u003ca href=\"https://github.com/ljharb/shell-quote/commit/4378a6e613db5948168684864e49b42b83134d2d\"\u003e\u003ccode\u003e4378a6e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/22ebec04349065a45ad8afc8cc8d53c4624634a6\"\u003e\u003ccode\u003e22ebec0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/ljharb/shell-quote/commit/9f3caa31900cc6ee64858b31134144c648ce206d\"\u003e\u003ccode\u003e9f3caa3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/ljharb/shell-quote/commit/3344a047dd1e95f71c4ca27522cbfd05c56277e0\"\u003e\u003ccode\u003e3344a04\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/ljharb/shell-quote/commit/699c5113d135f4d4591574bebf173334ffa453d4\"\u003e\u003ccode\u003e699c511\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/shell-quote/commit/ff166e2b63eb5f932bd131a8886a99e9afdf45ae\"\u003e\u003ccode\u003eff166e2\u003c/code\u003e\u003c/a\u003e v1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github....\n\n_Description has been truncated_","html_url":"https://github.com/HarleyCoops/gemini-cli/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HarleyCoops%2Fgemini-cli/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"6.12.6","new_version":"6.15.0","update_type":"minor","path":null,"pr_created_at":"2026-06-10T15:34:51.000Z","version_change":"6.12.6 → 6.15.0","issue":{"uuid":"4632678706","node_id":"PR_kwDOQIL6Ks7k7Ec0","number":1,"state":"closed","title":"build(deps): bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-11T01:25:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-10T15:34:51.000Z","updated_at":"2026-06-11T01:25:40.000Z","time_to_close":35447,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"@babel/runtime","old_version":"7.17.8","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"base-x","old_version":"3.0.9","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"follow-redirects","old_version":"1.14.9","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"protocol-buffers-schema","old_version":"3.6.0","new_version":"3.6.1","repository_url":"https://github.com/mafintosh/protocol-buffers-schema"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tmp","old_version":"0.2.1","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /subgraphs/yeti-finance directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.17.8` | `7.29.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [protocol-buffers-schema](https://github.com/mafintosh/protocol-buffers-schema) | `3.6.0` | `3.6.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.1` | `0.2.7` |\n\n\nUpdates `@babel/runtime` from 7.17.8 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.9 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/3d43c0e16bfbc045a0a8bb6423e6e336df81b512\"\u003e\u003ccode\u003e3d43c0e\u003c/code\u003e\u003c/a\u003e 3.0.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/0a3544695fa6800649a8b78ed46cece61bcdbbe5\"\u003e\u003ccode\u003e0a35446\u003c/code\u003e\u003c/a\u003e Improve decoding performance\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.9...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.9 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.9...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.5...v3.1.6\"\u003ev3.1.6\u003c/a\u003e - 2026-05-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[New] add TypeScript type declarations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix an error \u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.4...v3.1.5\"\u003ev3.1.5\u003c/a\u003e - 2025-09-23\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] only allow finite iterations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/67bd94dbbf21b93f5e282ee910728945c8ef2827\"\u003e\u003ccode\u003e67bd94d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8f59d962f71dcb2cc14067d7f514ff96e3406f81\"\u003e\u003ccode\u003e8f59d96\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] check parameters before the \u0026quot;no Promise\u0026quot; bailout \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d2dc5f052cacadf3d4a09d87164158da875ca740\"\u003e\u003ccode\u003ed2dc5f0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.3...v3.1.4\"\u003ev3.1.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e, \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8dbf49b38235066c565a92eaf3722720a1333a2d\"\u003e\u003ccode\u003e8dbf49b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d15bc351de0edbed394d2a6189176960aaa0d050\"\u003e\u003ccode\u003ed15bc35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/aaf870b1d1855e6a381af05021f304294a79f7c9\"\u003e\u003ccode\u003eaaf870b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/ea4768bd09be327904b4ac075d9328c7c7ee2404\"\u003e\u003ccode\u003eea4768b\u003c/code\u003e\u003c/a\u003e v3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e [Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e [Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e [eslint] fix an error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e [New] add TypeScript type declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/36879052911703147a6dfa5e97422126bf3cda5b\"\u003e\u003ccode\u003e3687905\u003c/code\u003e\u003c/a\u003e v3.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protocol-buffers-schema` from 3.6.0 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a\"\u003e\u003ccode\u003e46c34bd\u003c/code\u003e\u003c/a\u003e 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c\"\u003e\u003ccode\u003e2351031\u003c/code\u003e\u003c/a\u003e Fixed parse.js to prevent Prototype Pollution (\u003ca href=\"https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70\"\u003e#70\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 1.16.3 to 1.16.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/6c89b946d0f0043f94a7deb8820f7c3922bc2568\"\u003e\u003ccode\u003e6c89b94\u003c/code\u003e\u003c/a\u003e 1.16.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/4884466fee755d3e462ea9390748a1bf802cdfde\"\u003e\u003ccode\u003e4884466\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/3c6eddb6008d14f4ca83a439dd432263d29ecb0f\"\u003e\u003ccode\u003e3c6eddb\u003c/code\u003e\u003c/a\u003e 1.16.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c5e7d961a50aaa9614fba3019516227756ea63b6\"\u003e\u003ccode\u003ec5e7d96\u003c/code\u003e\u003c/a\u003e hardlink tweak from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/ff6510d7ba63b6ee200442b80f4326f369e7d4bd\"\u003e\u003ccode\u003eff6510d\u003c/code\u003e\u003c/a\u003e 1.16.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/df4bca54402e1f03bcbee0bb8ccbe3c4ca84636e\"\u003e\u003ccode\u003edf4bca5\u003c/code\u003e\u003c/a\u003e port fix from main\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v1.16.3...v1.16.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tmp` from 0.2.1 to 0.2.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md\"\u003etmp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2 (2024-02-28)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/278\"\u003e#278\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/268\"\u003e#268\u003c/a\u003e: Revert \u0026quot;fix \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/246\"\u003e#246\u003c/a\u003e: remove any double quotes or single quotes… (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/279\"\u003e#279\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/266\"\u003e#266\u003c/a\u003e: move paragraph on graceful cleanup to the head of the documentation (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 5\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCarsten Klein (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDave Nicolson (\u003ca href=\"https://github.com/dnicolson\"\u003e\u003ccode\u003e@​dnicolson\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKARASZI István (\u003ca href=\"https://github.com/raszi\"\u003e\u003ccode\u003e@​raszi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMaxime Bargiel (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robertoaceves\"\u003e\u003ccode\u003e@​robertoaceves\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8ea1f37d75c67569e0f151448330d52f7babf211\"\u003e\u003ccode\u003e8ea1f37\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8f24f788a356b5d45c9bec894632bd4931338153\"\u003e\u003ccode\u003e8f24f78\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/ce787f37aaacccad921ae90990c9da33481fe59c\"\u003e\u003ccode\u003ece787f3\u003c/code\u003e\u003c/a\u003e Reject non-string prefix, postfix, template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/41f71598d03f104a67e0448a7cb9bd4efcdd5980\"\u003e\u003ccode\u003e41f7159\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/efa4a06f24374797ae32ab2b6ae39b7a611ae429\"\u003e\u003ccode\u003eefa4a06\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/7ef2728ce0211b8110b2033dfe62eaf030341acf\"\u003e\u003ccode\u003e7ef2728\u003c/code\u003e\u003c/a\u003e Check for relative values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/3d2fe387f3f91b13830b9182faa02c3231ea8258\"\u003e\u003ccode\u003e3d2fe38\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/e16282879e5d0554fe824e1ab3df724847e91183\"\u003e\u003ccode\u003ee162828\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/309\"\u003e#309\u003c/a\u003e from fflorent/fix-tmp-dir-with-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/b847d2f1a42b625c26149f4a2029ed00a1edf90b\"\u003e\u003ccode\u003eb847d2f\u003c/code\u003e\u003c/a\u003e Fix use of tmp.dir() with \u003ccode\u003edir\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/08fa3abac32b621506512724b28b56b9c4a95846\"\u003e\u003ccode\u003e08fa3ab\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/raszi/node-tmp/compare/v0.2.1...v0.2.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Domimueller85/subgraphs/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Domimueller85/subgraphs/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Domimueller85%2Fsubgraphs/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"6.12.6","new_version":"6.15.0","update_type":"minor","path":null,"pr_created_at":"2026-06-10T02:25:38.000Z","version_change":"6.12.6 → 6.15.0","issue":{"uuid":"4627363898","node_id":"PR_kwDOGb1TMc7kppNR","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T02:25:38.000Z","updated_at":"2026-06-10T02:26:49.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"next","old_version":"12.0.4","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"apollo-server","old_version":"3.5.0","new_version":"3.13.0","repository_url":"https://github.com/apollographql/apollo-server"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.14.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@protobufjs/utf8","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/dcodeIO/protobuf.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.17.1","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"flatted","old_version":"3.2.0","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.14.1","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar","old_version":"6.1.11","new_version":"6.2.1","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [next](https://github.com/vercel/next.js) | `12.0.4` | `15.5.18` |\n| [apollo-server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server) | `3.5.0` | `3.13.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.14.5` | `7.29.7` |\n| [@protobufjs/utf8](https://github.com/dcodeIO/protobuf.js) | `1.1.0` | `1.1.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.0` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `next` from 12.0.4 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v12.0.4...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f519e1d7de8564259eb1c8c1c7523669bd9ad815\"\u003e\u003ccode\u003ef519e1d\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/985c0795579a1d39e7b78edce1c9e2e7c8facf82\"\u003e\u003ccode\u003e985c079\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/2bf7f66db91aa2919266afc16f18a918501178ee\"\u003e\u003ccode\u003e2bf7f66\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (main) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server/issues/6852\"\u003e#6852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f6c5c9fec04c222aa15272b90d203ddc3fe64857\"\u003e\u003ccode\u003ef6c5c9f\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/e6097d614c9ac6887b359529cf27c1bd1a5de59c\"\u003e\u003ccode\u003ee6097d6\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server@3.13.0/packages/apollo-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.14.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@protobufjs/utf8` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcodeIO/protobuf.js/releases\"\u003e@​protobufjs/utf8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs-cli: v1.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-cli-v1.1.0...protobufjs-cli-v1.1.1\"\u003e1.1.1\u003c/a\u003e (2023-02-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix relative path to Google pb files (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/1859\"\u003e#1859\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e42eea4868b11f4a07934804a56683321ed191e2\"\u003ee42eea4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dcodeIO/protobuf.js/compare/pool-v1.1.0...utf8-v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server-core` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/4745ebed69775959212bbca7b02cff65c1f0dc64\"\u003e\u003ccode\u003e4745ebe\u003c/code\u003e\u003c/a\u003e Rename option from disableValidation to dangerouslyDisableValidation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/11f5981067f570c60a0003b51f3d634ebd8fa792\"\u003e\u003ccode\u003e11f5981\u003c/code\u003e\u003c/a\u003e Add disableValidation option to apollo-server-core\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/1dd45b8366a6cee75e4ca321eeb5acf107e6c73e\"\u003e\u003ccode\u003e1dd45b8\u003c/code\u003e\u003c/a\u003e get CI passing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d38b43bac88acdef4295759d7dcc3d4c348d9575\"\u003e\u003ccode\u003ed38b43b\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-j5g3-5c8r-7qfx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/85540501642e9d4f9d7adcc1442885a2eddcc885\"\u003e\u003ccode\u003e8554050\u003c/code\u003e\u003c/a\u003e Update protobuf (version-3) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server-core/issues/7412\"\u003e#7412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server-core@3.13.0/packages/apollo-server-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.1...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/Eprince-hub/react-graphql-frontend-backend-lessons/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Eprince-hub%2Freact-graphql-frontend-backend-lessons/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"8.12.0","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-09T17:11:58.000Z","version_change":"8.12.0 → 8.18.0","issue":{"uuid":"4624033564","node_id":"PR_kwDORpA4s87keuYc","number":6,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 14 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-14T02:16:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T17:11:58.000Z","updated_at":"2026-06-14T02:16:29.000Z","time_to_close":378269,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"@fastify/http-proxy","old_version":"11.3.0","new_version":"11.4.4","repository_url":"https://github.com/fastify/fastify-http-proxy"},{"name":"@opentelemetry/sdk-node","old_version":"0.206.0","new_version":"0.217.0","repository_url":"https://github.com/open-telemetry/opentelemetry-js"},{"name":"fastify","old_version":"5.7.3","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"i18next-http-backend","old_version":"2.5.2","new_version":"3.0.5","repository_url":"https://github.com/i18next/i18next-http-backend"},{"name":"nodemailer","old_version":"7.0.11","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"rollup","old_version":"4.22.5","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"samlify","old_version":"2.10.0","new_version":"2.13.0","repository_url":"https://github.com/tngan/samlify"},{"name":"simple-git","old_version":"3.21.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"yaml","old_version":"2.4.1","new_version":"2.8.3","repository_url":"https://github.com/eemeli/yaml"},{"name":"vite","old_version":"6.4.1","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"webpack","old_version":"5.101.3","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@fastify/static","old_version":"8.1.0","new_version":"9.1.1","repository_url":"https://github.com/fastify/fastify-static"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.3.1","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"ajv","old_version":"8.12.0","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"mailparser","old_version":"3.7.5","new_version":"3.9.3","repository_url":"https://github.com/nodemailer/mailparser"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"fast-xml-parser","old_version":"5.3.7","new_version":"5.7.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `2.5.2` | `3.0.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [rollup](https://github.com/rollup/rollup) | `4.22.5` | `4.59.0` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [yaml](https://github.com/eemeli/yaml) | `2.4.1` | `2.8.3` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.1` | `6.4.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.101.3` | `5.104.1` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.3.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.12.0` | `8.18.0` |\n| [mailparser](https://github.com/nodemailer/mailparser) | `3.7.5` | `3.9.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.7` | `5.7.0` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/ai directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/claude directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/firecrawl directory: [ajv](https://github.com/ajv-validator/ajv).\nBumps the npm_and_yarn group with 2 updates in the /packages/pieces/community/gmail directory: [nodemailer](https://github.com/nodemailer/nodemailer) and [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/google-sheets directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/imap directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/salesforce directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/community/zoho-mail directory: [mailparser](https://github.com/nodemailer/mailparser).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/sftp directory: [basic-ftp](https://github.com/patrickjuchli/basic-ftp).\nBumps the npm_and_yarn group with 1 update in the /packages/pieces/core/smtp directory: [nodemailer](https://github.com/nodemailer/nodemailer).\nBumps the npm_and_yarn group with 7 updates in the /packages/server/api directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@fastify/http-proxy](https://github.com/fastify/fastify-http-proxy) | `11.3.0` | `11.4.4` |\n| [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) | `0.206.0` | `0.217.0` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.3` | `5.8.5` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.11` | `8.0.5` |\n| [samlify](https://github.com/tngan/samlify) | `2.10.0` | `2.13.0` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.21.0` | `3.36.0` |\n| [@fastify/static](https://github.com/fastify/fastify-static) | `8.1.0` | `9.1.1` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/server/worker directory: [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js).\nBumps the npm_and_yarn group with 1 update in the /packages/web directory: [i18next-http-backend](https://github.com/i18next/i18next-http-backend).\n\nUpdates `@fastify/http-proxy` from 11.3.0 to 11.4.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify-http-proxy/releases\"\u003e@​fastify/http-proxy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.4.4\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33805 \u003ca href=\"https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\"\u003ehttps://github.com/fastify/fastify-reply-from/security/advisories/GHSA-gwhp-pf74-vj37\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: remove fast-proxy dependency by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/453\"\u003efastify/fastify-http-proxy#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/454\"\u003efastify/fastify-http-proxy#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump pino-test from 1.1.0 to 2.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/456\"\u003efastify/fastify-http-proxy#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.9.3 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/455\"\u003efastify/fastify-http-proxy#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/457\"\u003efastify/fastify-http-proxy#457\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/459\"\u003efastify/fastify-http-proxy#459\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.3...v11.4.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Only replace the prefix at the beginning of the URL. by \u003ca href=\"https://github.com/ShogunPanda\"\u003e\u003ccode\u003e@​ShogunPanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/452\"\u003efastify/fastify-http-proxy#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.2...v11.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.10.4 to 25.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/443\"\u003efastify/fastify-http-proxy#443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/446\"\u003efastify/fastify-http-proxy#446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/448\"\u003efastify/fastify-http-proxy#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: removed stale.yml by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/449\"\u003efastify/fastify-http-proxy#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(qs): preserve fromParameters query params by \u003ca href=\"https://github.com/rozzilla\"\u003e\u003ccode\u003e@​rozzilla\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/451\"\u003efastify/fastify-http-proxy#451\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/445\"\u003efastify/fastify-http-proxy#445\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.1...v11.4.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add types and updated docs for 'preRewrite'. by \u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mn4367\"\u003e\u003ccode\u003e@​mn4367\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/442\"\u003efastify/fastify-http-proxy#442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\"\u003ehttps://github.com/fastify/fastify-http-proxy/compare/v11.4.0...v11.4.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 22.15.34 to 24.0.8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/424\"\u003efastify/fastify-http-proxy#424\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 5.8.3 to 5.9.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/pull/426\"\u003efastify/fastify-http-proxy#426\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/15df3dc5eca55e2e61dba1745f422690b4a55257\"\u003e\u003ccode\u003e15df3dc\u003c/code\u003e\u003c/a\u003e Bumped v11.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/87ded36a2a67b3530a4c04f836ba4f26b26b12ae\"\u003e\u003ccode\u003e87ded36\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/459\"\u003e#459\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/4011c5d6a3da2b33e8fea5234f09cbd447dfa8f0\"\u003e\u003ccode\u003e4011c5d\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/457\"\u003e#457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/7d287c244a6ec8b222bad4e8fff289c26d0b1606\"\u003e\u003ccode\u003e7d287c2\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump typescript from 5.9.3 to 6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/455\"\u003e#455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/801beea98c3a61b168c64deef4ce694fdafd8804\"\u003e\u003ccode\u003e801beea\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump pino-test from 1.1.0 to 2.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/b05568e6b7db701c95171c3a0194516cbb0fea13\"\u003e\u003ccode\u003eb05568e\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/454\"\u003e#454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/1d675fd2add0e523ea1a97c6f8506ce769366cdc\"\u003e\u003ccode\u003e1d675fd\u003c/code\u003e\u003c/a\u003e chore: remove fast-proxy dependency (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/453\"\u003e#453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/16e2044b7c4b59e6069712510da3a3f4f6bab636\"\u003e\u003ccode\u003e16e2044\u003c/code\u003e\u003c/a\u003e Bumped v11.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/be4a26865b1a588fb016523b35db4baeb16cfe0a\"\u003e\u003ccode\u003ebe4a268\u003c/code\u003e\u003c/a\u003e fix: Only replace the prefix at the beginning of the URL. (\u003ca href=\"https://redirect.github.com/fastify/fastify-http-proxy/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify-http-proxy/commit/f5719401e8693716be0001c9e8f777675b965cc5\"\u003e\u003ccode\u003ef571940\u003c/code\u003e\u003c/a\u003e v11.4.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify-http-proxy/compare/v11.3.0...v11.4.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@opentelemetry/sdk-node` from 0.206.0 to 0.217.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/releases\"\u003e@​opentelemetry/sdk-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eexperimental/v0.217.0\u003c/h2\u003e\n\u003ch2\u003e0.217.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(otlp-transformer): replace protobufjs trace serialization with custom implementation \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6625\"\u003e#6625\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using \u003ccode\u003ejson-schema-to-typescript\u003c/code\u003e and \u003ccode\u003eajv\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6533\"\u003e#6533\u003c/a\u003e \u003ca href=\"https://github.com/MikeGoldsmith\"\u003e\u003ccode\u003e@​MikeGoldsmith\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(configuration, sdk-node): \u003ccode\u003estartNodeSDK()\u003c/code\u003e code path now uses \u003ccode\u003elog_level\u003c/code\u003e configuration to setup a DiagConsoleLogger \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6668\"\u003e#6668\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eNote that allowed values for \u003ccode\u003elog_level\u003c/code\u003e in a configuration YAML file are \u003cem\u003enot\u003c/em\u003e the same set as for \u003ccode\u003eOTEL_LOG_LEVEL\u003c/code\u003e. Use \u003ccode\u003elog_level: trace\u003c/code\u003e to see \u003cem\u003eall\u003c/em\u003e logs (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=ALL\u003c/code\u003e). Use \u003ccode\u003elog_level: fatal\u003c/code\u003e to effectively disable the SDK's internal diagnostic logger (equivalent of \u003ccode\u003eOTEL_LOG_LEVEL=NONE\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003elog_level\u003c/code\u003e is not specified, a diagnostic console logger at \u0026quot;info\u0026quot; level will be setup.\u003c/li\u003e\n\u003cli\u003eAn invalid YAML config file will now result in a noop OTel SDK.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(configuration): do not validate \u003ccode\u003eOTEL_CONFIG_FILE\u003c/code\u003e value before using it for file config \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6643\"\u003e#6643\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6650\"\u003e#6650\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6657\"\u003e#6657\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve handling of enums in generated types \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6659\"\u003e#6659\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(configuration): improve the technique for removing '| null' on types the JSON Schema \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6662\"\u003e#6662\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sampler-jaeger-remote): add missing axios dep \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6656\"\u003e#6656\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6674\"\u003e#6674\u003c/a\u003e \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.216.0\u003c/h2\u003e\n\u003ch2\u003e0.216.0\u003c/h2\u003e\n\u003ch3\u003e:rocket: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6427\"\u003e#6427\u003c/a\u003e \u003ca href=\"https://github.com/ravitheja4531-cell\"\u003e\u003ccode\u003e@​ravitheja4531-cell\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(sdk-node): set TracerProvider in startNodeSDK() \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6607\"\u003e#6607\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:bug: Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(instrumentation-xml-http-request): avoid unwrapping \u003ccode\u003eXMLHttpRequest\u003c/code\u003e API when disabling \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6611\"\u003e#6611\u003c/a\u003e \u003ca href=\"https://github.com/david-luna\"\u003e\u003ccode\u003e@​david-luna\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-fetch): tolerate non-writable \u003ccode\u003eglobalThis.fetch\u003c/code\u003e and fix premature \u003ccode\u003e_isEnabled\u003c/code\u003e / \u003ccode\u003e_isFetchPatched\u003c/code\u003e flips in \u003ccode\u003eenable()\u003c/code\u003e \u003ca href=\"https://github.com/brunorodmoreira\"\u003e\u003ccode\u003e@​brunorodmoreira\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(instrumentation-xhr): resolve relative URLs before matching \u003ccode\u003eignoreUrls\u003c/code\u003e \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6551\"\u003e#6551\u003c/a\u003e \u003ca href=\"https://github.com/Maximiliano-Zeballos\"\u003e\u003ccode\u003e@​Maximiliano-Zeballos\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(sdk-node): fix setting of ViewOption#name from ConfigurationModel \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6620\"\u003e#6620\u003c/a\u003e \u003ca href=\"https://github.com/trentm\"\u003e\u003ccode\u003e@​trentm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(web-common): add limit for timeout \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6601\"\u003e#6601\u003c/a\u003e \u003ca href=\"https://github.com/maryliag\"\u003e\u003ccode\u003e@​maryliag\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6646\"\u003e#6646\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e:house: Internal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etest(otlp-transformer): add metrics transform benchmark \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6628\"\u003e#6628\u003c/a\u003e \u003ca href=\"https://github.com/pichlermarc\"\u003e\u003ccode\u003e@​pichlermarc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/pull/6636\"\u003e#6636\u003c/a\u003e \u003ca href=\"https://github.com/cjihrig\"\u003e\u003ccode\u003e@​cjihrig\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eexperimental/v0.215.0\u003c/h2\u003e\n\u003ch2\u003e0.215.0\u003c/h2\u003e\n\u003ch3\u003e:boom: Breaking Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/74cde1b674508ccc0ed2601ac43a80ff2d35114c\"\u003e\u003ccode\u003e74cde1b\u003c/code\u003e\u003c/a\u003e chore: prepare next release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6675\"\u003e#6675\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/e8f439adcbec23261d26fcc205f4d2a6d74f16c7\"\u003e\u003ccode\u003ee8f439a\u003c/code\u003e\u003c/a\u003e fix: handle malformed URLs in Prometheus exporter request handler (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6674\"\u003e#6674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ab3a2e280e589a43d705278be5e8c8308b1b4081\"\u003e\u003ccode\u003eab3a2e2\u003c/code\u003e\u003c/a\u003e feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/d5b7d1e5c6cd3c9547137d0cc6a5185b7b5a8155\"\u003e\u003ccode\u003ed5b7d1e\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency axios to v1.15.2 [security] (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6670\"\u003e#6670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/c16361877b77828d324733a4c8bed6d2ed10c884\"\u003e\u003ccode\u003ec163618\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to e46ed2c (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6661\"\u003e#6661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/ec2bfbe0b2afb9d29725140b2d0350e47e23250d\"\u003e\u003ccode\u003eec2bfbe\u003c/code\u003e\u003c/a\u003e chore(configuration): move config generation scripts into the configuration p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/acc9ecd99591c054e9f3b9d9e36cbd4333bb1411\"\u003e\u003ccode\u003eacc9ecd\u003c/code\u003e\u003c/a\u003e chore(configuration): cosmetic changes to generated types.ts (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6663\"\u003e#6663\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/8f008ece4ee20ad7ef55f673c208010ddb59f751\"\u003e\u003ccode\u003e8f008ec\u003c/code\u003e\u003c/a\u003e chore: Move inactive members to emeritus (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6649\"\u003e#6649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/435431e4705fd1fb45eec009a3f831b91e6673cd\"\u003e\u003ccode\u003e435431e\u003c/code\u003e\u003c/a\u003e fix(configuration): improve the technique for removing '| null' on types due ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/commit/42220244e99c5ace5c2ac7365d232d3b9d1038b2\"\u003e\u003ccode\u003e4222024\u003c/code\u003e\u003c/a\u003e fix(configuration): improve handling of enums in generated types (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-js/issues/6659\"\u003e#6659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-js/compare/experimental/v0.206.0...experimental/v0.217.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.3 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.3...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `i18next-http-backend` from 2.5.2 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md\"\u003ei18next-http-backend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e3.0.5\u003c/h3\u003e\n\u003cp\u003eSecurity release — all issues found via an internal audit. See published advisory \u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: refuse to build request URLs when \u003ccode\u003elng\u003c/code\u003e or \u003ccode\u003ens\u003c/code\u003e values contain path-traversal, URL-structure (\u003ccode\u003e?\u003c/code\u003e, \u003ccode\u003e#\u003c/code\u003e, \u003ccode\u003e%\u003c/code\u003e, \u003ccode\u003e@\u003c/code\u003e, whitespace), path separators, control characters, prototype keys, or exceed 128 chars. Prevents path traversal / SSRF / URL injection via attacker-controlled language-code values. \u003ccode\u003eisSafeUrlSegment\u003c/code\u003e is permissive for legitimate i18next language codes (any BCP-47-like shape, underscores, hyphens, dots, \u003ccode\u003e+\u003c/code\u003e-joined multi-language requests) (\u003ca href=\"https://github.com/i18next/i18next-http-backend/security/advisories/GHSA-q89c-q3h5-w34g\"\u003eGHSA-q89c-q3h5-w34g\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: per-instance \u003ccode\u003eomitFetchOptions\u003c/code\u003e — the fetch-options-stripping fallback is now scoped to a single backend instance via \u003ccode\u003eoptions._omitFetchOptions\u003c/code\u003e instead of a module-level boolean. One instance hitting a \u0026quot;not implemented\u0026quot; fetch error no longer permanently strips \u003ccode\u003erequestOptions\u003c/code\u003e (including \u003ccode\u003ecredentials\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e, \u003ccode\u003ecache\u003c/code\u003e) from every other backend instance in the same process\u003c/li\u003e\n\u003cli\u003esecurity: strip CR/LF/NUL and other C0/C1 control characters from \u003ccode\u003elng\u003c/code\u003e/\u003ccode\u003ens\u003c/code\u003e / URL values before they appear in error-callback strings (CWE-117 log forging)\u003c/li\u003e\n\u003cli\u003esecurity: redact \u003ccode\u003euser:password\u003c/code\u003e credentials from URLs before including them in error-callback strings — prevents leaking basic-auth credentials embedded in \u003ccode\u003eloadPath\u003c/code\u003e / \u003ccode\u003eaddPath\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esecurity: iterate own enumerable keys only (\u003ccode\u003eObject.keys\u003c/code\u003e + prototype-key guard) in \u003ccode\u003eaddQueryString\u003c/code\u003e and in the \u003ccode\u003ecustomHeaders\u003c/code\u003e loop in XHR mode — prevents prototype-pollution amplification into the URL and request headers\u003c/li\u003e\n\u003cli\u003echore: ignore \u003ccode\u003e.env*\u003c/code\u003e and \u003ccode\u003e*.pem\u003c/code\u003e/\u003ccode\u003e*.key\u003c/code\u003e files in \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euse own interpolation function for loadPath and addPath instead of relying on i18next's interpolator \u003ca href=\"https://redirect.github.com/i18next/i18next/issues/2420\"\u003ei18next#2420\u003c/a\u003e — this means only \u003ccode\u003e{{lng}}\u003c/code\u003e and \u003ccode\u003e{{ns}}\u003c/code\u003e placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etry to get rid of top-level await\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix for Deno 2 and removal of unnecessary .cjs file\u003c/li\u003e\n\u003cli\u003efor esm build environments not supporting top-level await, you should import the \u003ccode\u003ei18next-http-backend/cjs\u003c/code\u003e export or stay at v2.6.2 or v2.7.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize fetchApi selector [backported]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esame as 2.6.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.7.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeprecated, same as v3.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove network error detection across browsers \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/pull/152\"\u003e152\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eoptimize \u0026quot;Failed to fetch\u0026quot; retry case \u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/147\"\u003e147\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.6.0\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5757fa3283bff31bd75e75598c3bcb44179bd892\"\u003e\u003ccode\u003e5757fa3\u003c/code\u003e\u003c/a\u003e 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cee84f229c637b9c182366d3156f726d407a621\"\u003e\u003ccode\u003e4cee84f\u003c/code\u003e\u003c/a\u003e security: hardening for 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4cbc48741128d9b1f6cceb43edabfbec84c92615\"\u003e\u003ccode\u003e4cbc487\u003c/code\u003e\u003c/a\u003e Bump next from 16.2.1 to 16.2.3 in /example/next (\u003ca href=\"https://redirect.github.com/i18next/i18next-http-backend/issues/180\"\u003e#180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/0d7dcbb09989d358b3af9a67658469ae8ed361dc\"\u003e\u003ccode\u003e0d7dcbb\u003c/code\u003e\u003c/a\u003e make last change more clear\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/c740e013ab5ff4ea3a71f9e0842a302bdf4147ae\"\u003e\u003ccode\u003ec740e01\u003c/code\u003e\u003c/a\u003e year\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e1dc72b3fb016932959d2bf796d94985baca7050\"\u003e\u003ccode\u003ee1dc72b\u003c/code\u003e\u003c/a\u003e changelog fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/4dbb4851ff53b0058d8f0a254779b45c839e6c24\"\u003e\u003ccode\u003e4dbb485\u003c/code\u003e\u003c/a\u003e 3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/5f33a0c2d72f8f9c1e0add30b9b75a0c2edeb7b6\"\u003e\u003ccode\u003e5f33a0c\u003c/code\u003e\u003c/a\u003e use own interpolation function for loadPath and addPath instead of relying on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/681c09d12ebfafef09351b784d2e7b250328879f\"\u003e\u003ccode\u003e681c09d\u003c/code\u003e\u003c/a\u003e update ci actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/i18next/i18next-http-backend/commit/e63ff163717ba02c589e27fa81cc881add892fbd\"\u003e\u003ccode\u003ee63ff16\u003c/code\u003e\u003c/a\u003e adjust deno test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/i18next/i18next-http-backend/compare/v2.5.2...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 7.0.11 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.11...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.22.5 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.57.1\u003c/h2\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6252\"\u003e#6252\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6253\"\u003e#6253\u003c/a\u003e: chore(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6254\"\u003e#6254\u003c/a\u003e: Fully include dynamic imports in a try-catch (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476\"\u003e\u003ccode\u003eae84695\u003c/code\u003e\u003c/a\u003e 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93\"\u003e\u003ccode\u003eb39616e\u003c/code\u003e\u003c/a\u003e Update audit-resolve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\"\u003e\u003ccode\u003ec60770d\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6275\"\u003e#6275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662\"\u003e\u003ccode\u003e33f39c1\u003c/code\u003e\u003c/a\u003e 4.58.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca\"\u003e\u003ccode\u003eb61c408\u003c/code\u003e\u003c/a\u003e forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6\"\u003e\u003ccode\u003e7f00689\u003c/code\u003e\u003c/a\u003e Extend agent instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4\"\u003e\u003ccode\u003ee7b2b85\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6270\"\u003e#6270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970\"\u003e\u003ccode\u003e2aa5da9\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6267\"\u003e#6267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec\"\u003e\u003ccode\u003e4319837\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6269\"\u003e#6269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233\"\u003e\u003ccode\u003ec3b6b4b\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6268\"\u003e#6268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.22.5...v4.59.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `samlify` from 2.10.0 to 2.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tngan/samlify/releases\"\u003esamlify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.11 to 0.8.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/603\"\u003etngan/samlify#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e from 0.8.12 to 0.8.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/605\"\u003etngan/samlify#605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/606\"\u003etngan/samlify#606\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject promises with Error instances, not raw strings (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/581\"\u003e#581\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/607\"\u003etngan/samlify#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support simpleSign binding for logout request/response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/584\"\u003e#584\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/608\"\u003etngan/samlify#608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: correct the parseResult example in saml-response (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/518\"\u003e#518\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/609\"\u003etngan/samlify#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify that wantMessageSigned and signatureConfig are SP options (\u003ca href=\"https://redirect.github.com/tngan/samlify/issues/516\"\u003e#516\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/610\"\u003etngan/samlify#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRFC-0001: introduce .skills/ and mandatory SAML 2.0 spec citation workflow by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/611\"\u003etngan/samlify#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request relayState for login + logout (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/163\"\u003e#163\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/612\"\u003etngan/samlify#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: 2026-04 audit — patch vite, fix XXE bypass, reject unknown sig algs by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/613\"\u003etngan/samlify#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: omit AuthnRequest attributes whose value is null/undefined (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/455\"\u003e#455\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/614\"\u003etngan/samlify#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pass SessionIndex through createLogoutRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/615\"\u003etngan/samlify#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: throw a clear error when redirect binding has no SSO/SLO endpoint (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/308\"\u003e#308\u003c/a\u003e \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/405\"\u003e#405\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/617\"\u003etngan/samlify#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: surface SP/IdP signing flags in ERR_METADATA_CONFLICT_REQUEST_SIGNED_FLAG (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/453\"\u003e#453\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/616\"\u003etngan/samlify#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: default signatureConfig for SP when wantMessageSigned is true (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/454\"\u003e#454\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/619\"\u003etngan/samlify#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: per-request ForceAuthn for createLoginRequest (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/359\"\u003e#359\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/618\"\u003etngan/samlify#618\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support tagPrefix.protocol and tagPrefix.assertion on IdP (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/388\"\u003e#388\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/620\"\u003etngan/samlify#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: invoke customTagReplacement even without explicit template (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/549\"\u003e#549\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/621\"\u003etngan/samlify#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support elementsOrder option on IdP metadata (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/429\"\u003e#429\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/622\"\u003etngan/samlify#622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: support RSASSA-PSS signature algorithms (closes \u003ca href=\"https://redirect.github.com/tngan/samlify/issues/624\"\u003e#624\u003c/a\u003e) by \u003ca href=\"https://github.com/tngan\"\u003e\u003ccode\u003e@​tngan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tngan/samlify/pull/625\"\u003etngan/sa...\n\n_Description has been truncated_","html_url":"https://github.com/jeremiah9980/activepieces/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jeremiah9980%2Factivepieces/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"8.17.1","new_version":"8.20.0","update_type":"minor","path":null,"pr_created_at":"2026-06-09T01:02:33.000Z","version_change":"8.17.1 → 8.20.0","issue":{"uuid":"4617834555","node_id":"PR_kwDOR0-1ec7kKPBF","number":7,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-09T01:02:33.000Z","updated_at":"2026-06-09T01:03:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":12,"packages":[{"name":"drizzle-orm","old_version":"0.45.1","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"fastify","old_version":"5.7.2","new_version":"5.8.5","repository_url":"https://github.com/fastify/fastify"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"yaml","old_version":"2.8.2","new_version":"2.9.0","repository_url":"https://github.com/eemeli/yaml"},{"name":"vite","old_version":"7.3.1","new_version":"7.3.2","repository_url":"https://github.com/vitejs/vite"},{"name":"vitest","old_version":"3.2.4","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"ajv","old_version":"8.17.1","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"7.13.0","new_version":"7.17.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"4.56.0","new_version":"4.61.1","repository_url":"https://github.com/rollup/rollup"},{"name":"ws","old_version":"8.19.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.45.1` | `0.45.2` |\n| [fastify](https://github.com/fastify/fastify) | `5.7.2` | `5.8.5` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [yaml](https://github.com/eemeli/yaml) | `2.8.2` | `2.9.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.3.1` | `7.3.2` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `3.2.6` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.20.0` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.13.0` | `7.17.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.56.0` | `4.61.1` |\n| [ws](https://github.com/websockets/ws) | `8.19.0` | `8.21.0` |\n\n\nUpdates `drizzle-orm` from 0.45.1 to 0.45.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/releases\"\u003edrizzle-orm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.45.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003esql.identifier()\u003c/code\u003e, \u003ccode\u003esql.as()\u003c/code\u003e escaping issues. Previously all the values passed to this functions were not properly escaped\ncausing a possible SQL Injection (CWE-89) vulnerability\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/EthanKim88\"\u003e\u003ccode\u003e@​EthanKim88\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/0x90sh\"\u003e\u003ccode\u003e@​0x90sh\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/wgoodall01\"\u003e\u003ccode\u003e@​wgoodall01\u003c/code\u003e\u003c/a\u003e for reaching out to us with a reproduction and suggested fix\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/273c78071d4841b497f5144734b38294df7ec64b\"\u003e\u003ccode\u003e273c780\u003c/code\u003e\u003c/a\u003e + 0.45.2 (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5534\"\u003e#5534\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/4aa6ecfee4b4728dadf6f77f071a149878a3c6c0\"\u003e\u003ccode\u003e4aa6ecf\u003c/code\u003e\u003c/a\u003e Kit updates (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5490\"\u003e#5490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/drizzle-team/drizzle-orm/commit/e8e6edfef5ca69c6188d320388ad440265911057\"\u003e\u003ccode\u003ee8e6edf\u003c/code\u003e\u003c/a\u003e feat(drizzle-kit): support d1 via binding (\u003ca href=\"https://redirect.github.com/drizzle-team/drizzle-orm/issues/5302\"\u003e#5302\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/drizzle-team/drizzle-orm/compare/0.45.1...0.45.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.7.2 to 5.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.5\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-33806 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-247c-9743-5963\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: Fix port parsing by \u003ca href=\"https://github.com/jsumners\"\u003e\u003ccode\u003e@​jsumners\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6603\"\u003efastify/fastify#6603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade to typescript v6.0.2 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6605\"\u003efastify/fastify#6605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore trustProxy function for number and string types, add null check for socketAddr by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6613\"\u003efastify/fastify#6613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reduce cron scheduled workflows from daily/weekly to monthly by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6623\"\u003efastify/fastify#6623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6629\"\u003efastify/fastify#6629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6632\"\u003efastify/fastify#6632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump borp from 0.21.0 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6633\"\u003efastify/fastify#6633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6630\"\u003efastify/fastify#6630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e by \u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SonoTommy\"\u003e\u003ccode\u003e@​SonoTommy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6610\"\u003efastify/fastify#6610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.4...v5.8.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.4\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.3...v5.8.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.3\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eThis fixes CVE CVE-2026-3635 \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-444r-cwp2-x5xf\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(readme): add \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e to plugin team by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6565\"\u003efastify/fastify#6565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated Plugins-Guide.md; Changed \u0026quot;fastify\u0026quot; to \u0026quot;instance\u0026quot; during plugin registration to showcase that it's added as a child by \u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: use fastify.test in test case by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6568\"\u003efastify/fastify#6568\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use fastify.example in documentation by \u003ca href=\"https://github.com/climba03003\"\u003e\u003ccode\u003e@​climba03003\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6567\"\u003efastify/fastify#6567\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add common performance degradation guidance by \u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(server): fix camelCase anchor links in TOC by \u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(link-checker): fix root-relative links resolution by \u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update syntax markdown, absolute paths and links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6569\"\u003efastify/fastify#6569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify content-type parser/schema mismatch is outside threat model by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6537\"\u003efastify/fastify#6537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix incorrect code examples in Reply and Request reference by \u003ca href=\"https://github.com/mahmoodhamdi\"\u003e\u003ccode\u003e@​mahmoodhamdi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6582\"\u003efastify/fastify#6582\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: replace redirected npm.im http-errors link by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6588\"\u003efastify/fastify#6588\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: Allow port to be null in request type definition by \u003ca href=\"https://github.com/TristanBarlow\"\u003e\u003ccode\u003e@​TristanBarlow\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6589\"\u003efastify/fastify#6589\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update links by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6593\"\u003efastify/fastify#6593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(lock-threads): use shared lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6592\"\u003efastify/fastify#6592\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kyrylchenko\"\u003e\u003ccode\u003e@​kyrylchenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6566\"\u003efastify/fastify#6566\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maxpetrusenko\"\u003e\u003ccode\u003e@​maxpetrusenko\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6520\"\u003efastify/fastify#6520\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Deepvamja\"\u003e\u003ccode\u003e@​Deepvamja\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6530\"\u003efastify/fastify#6530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/barba-rossa\"\u003e\u003ccode\u003e@​barba-rossa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6535\"\u003efastify/fastify#6535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3983cce8124714242099e8756a7a9a80a0ba0aea\"\u003e\u003ccode\u003e3983cce\u003c/code\u003e\u003c/a\u003e Bumped v5.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3ce3ae6752dbed672759856081af9cb1e2733105\"\u003e\u003ccode\u003e3ce3ae6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/b06a196b694c0c7aed53976cd77456f1ad7d4c9f\"\u003e\u003ccode\u003eb06a196\u003c/code\u003e\u003c/a\u003e docs(ecosystem): add \u003ccode\u003e@​pompelmi/fastify-plugin\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/909c5d5329536b0acc004da7649b3da8af9273b2\"\u003e\u003ccode\u003e909c5d5\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.3 to 4.9.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/4db21a36ddb588acaebf5a4472ccb3b0d5fc9db0\"\u003e\u003ccode\u003e4db21a3\u003c/code\u003e\u003c/a\u003e chore: Bump borp from 0.21.0 to 1.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/0f4e544c8acd7c42df347936e613a73cecc4f3fe\"\u003e\u003ccode\u003e0f4e544\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.21.0 to 0.22.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/33a2fcd39de584713495bf4b3bd864137746f224\"\u003e\u003ccode\u003e33a2fcd\u003c/code\u003e\u003c/a\u003e chore: Bump pnpm/action-setup from 4.2.0 to 5.0.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6629\"\u003e#6629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/fd35d829a8cd496a3c1170c0c1c021130e3ca0e8\"\u003e\u003ccode\u003efd35d82\u003c/code\u003e\u003c/a\u003e ci: reduce cron schedules from daily/weekly to monthly (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6623\"\u003e#6623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/8dee9be05ebf683cd212aeff1d294f6ea1ec405c\"\u003e\u003ccode\u003e8dee9be\u003c/code\u003e\u003c/a\u003e fix: restore trustProxy function for number and string types, add null check ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/d457aeda8611777389c7e4713a288eb7ddb9a389\"\u003e\u003ccode\u003ed457aed\u003c/code\u003e\u003c/a\u003e chore: upgrade to typescript v6.0.2 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.2...v5.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 13.0.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `yaml` from 2.8.2 to 2.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eemeli/yaml/releases\"\u003eyaml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.0\u003c/h2\u003e\n\u003cp\u003eThe changes here are really only patches, but I'm releasing this as a minor version to note a small change to the documentation of \u003ccode\u003eparseDocument()\u003c/code\u003e and \u003ccode\u003eparseAllDocuments()\u003c/code\u003e: I've removed the claim that they'll \u0026quot;never throw\u0026quot;.\u003c/p\u003e\n\u003cp\u003eIt remains the case that practically all non-malicious inputs will be handled without emitting an error, but there is a decent chance that code paths remain where e.g. a RangeError due to call stack exhaustion can be triggered by malicious inputs. Up to now, I've considered these as security vulnerabilities, and in fact it's the only category of error for which \u003ccode\u003eyaml\u003c/code\u003e CVEs have been issued so far.\u003c/p\u003e\n\u003cp\u003eStarting from this release, I'll be considering such errors as bugs, but not vulnerabilities. I do welcome people and/or LLMs looking for them, but please report them as normal issues rather than suspected security vulnerabilities. This also applies to previously undiscovered bugs in earlier releases.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: Avoid calling \u003ccode\u003eArray.prototype.push.apply()\u003c/code\u003e with large source array\u003c/li\u003e\n\u003cli\u003efix(lexer): Avoid recursive calls that may exhaust the call stack\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisable alias resolution with \u003ccode\u003emaxAliasCount:0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle invalid unicode escapes (e1a1a77)\u003c/li\u003e\n\u003cli\u003eApply \u003ccode\u003eminFractionDigits\u003c/code\u003e only to decimal strings (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.8.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003etrailingComma\u003c/code\u003e ToString option for multiline flow formatting (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCatch stack overflow during node composition (1e84ebb)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/ddb21b04cb889722cec8f89dc1b67f19d62d7f7d\"\u003e\u003ccode\u003eddb21b0\u003c/code\u003e\u003c/a\u003e 2.9.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/167365befdae1f03d53d47a8c6533140a9d48a75\"\u003e\u003ccode\u003e167365b\u003c/code\u003e\u003c/a\u003e docs: Clarify that not all errors can be avoided\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/6eca2a7087548f86c4edb6a7cf2cdfe548759f06\"\u003e\u003ccode\u003e6eca2a7\u003c/code\u003e\u003c/a\u003e fix: Avoid calling Array.prototype.push.apply() with large source array\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/0543cd57fd61ea15a58e9f0ec2064b8b408177d8\"\u003e\u003ccode\u003e0543cd5\u003c/code\u003e\u003c/a\u003e fix(lexer): Avoid recursive calls that may exhaust the call stack\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/ccdf7439587544f64223429498a1d9ec514eaac1\"\u003e\u003ccode\u003eccdf743\u003c/code\u003e\u003c/a\u003e 2.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/f625789dbd971c936ff66fe5c49e368062ae7b41\"\u003e\u003ccode\u003ef625789\u003c/code\u003e\u003c/a\u003e fix: Disable alias resolution with maxAliasCount:0 (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/e1a1a7735ff2e9717b87af36795bcd280f85f55d\"\u003e\u003ccode\u003ee1a1a77\u003c/code\u003e\u003c/a\u003e fix: Handle invalid unicode escapes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/a163ea009c57ab9f1054ca39b24b6ef4c1e9fdbe\"\u003e\u003ccode\u003ea163ea0\u003c/code\u003e\u003c/a\u003e style: Satify Prettier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/b2a5a6c615673056917aaa04d657802945e81425\"\u003e\u003ccode\u003eb2a5a6c\u003c/code\u003e\u003c/a\u003e fix: Apply minFractionDigits only to decimal strings (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eemeli/yaml/commit/93c951b3478b4bb061d7b5227fd64f46d3f9df7f\"\u003e\u003ccode\u003e93c951b\u003c/code\u003e\u003c/a\u003e chore: Bump JSR version to v2.8.3 (\u003ca href=\"https://redirect.github.com/eemeli/yaml/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eemeli/yaml/compare/v2.8.2...v2.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 7.3.1 to 7.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2\"\u003e7.3.2\u003c/a\u003e (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e09d8c90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebackport \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22162\"\u003e#22162\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e19db0f2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echeck \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22160\"\u003e#22160\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003ef8103cc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999\"\u003e\u003ccode\u003ecc383e0\u003c/code\u003e\u003c/a\u003e release: v7.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7\"\u003e\u003ccode\u003e09d8c90\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6\"\u003e\u003ccode\u003ef8103cc\u003c/code\u003e\u003c/a\u003e fix: check \u003ccode\u003eserver.fs\u003c/code\u003e after stripping query as well (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160\"\u003e#22160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1\"\u003e\u003ccode\u003e19db0f2\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e, apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162\"\u003e#22162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v7.3.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.20.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add support for node 22/24, drop node 16/21 by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2580\"\u003eajv-validator/ajv#2580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: add ES2022.RegExp for RegExpIndicesArray by \u003ca href=\"https://github.com/SignpostMarv\"\u003e\u003ccode\u003e@​SignpostMarv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2604\"\u003eajv-validator/ajv#2604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.19.0...v8.20.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix prototype pollution via format keyword using $data ref by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2607\"\u003eajv-validator/ajv#2607\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.18.0...v8.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/0fba0b8e649909613cfce0999b149cd08f4a4987\"\u003e\u003ccode\u003e0fba0b8\u003c/code\u003e\u003c/a\u003e 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/9caf8d64409b05e2c670b3ff09cf7ca07937342e\"\u003e\u003ccode\u003e9caf8d6\u003c/code\u003e\u003c/a\u003e fix: add ES2022.RegExp for RegExpIndicesArray; fixes \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2603\"\u003eajv-validator/ajv#2603\u003c/a\u003e (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/206535071f776f57737394c8896d4b2dc2bfb9a3\"\u003e\u003ccode\u003e2065350\u003c/code\u003e\u003c/a\u003e fix: add support for node 22/24, drop node 16/21 (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2580\"\u003e#2580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/154b58d690c6596e09ca676e12720ab8234ee3d2\"\u003e\u003ccode\u003e154b58d\u003c/code\u003e\u003c/a\u003e 8.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e8d2bdc501b3ba6f03922db5e595770d4763d9da\"\u003e\u003ccode\u003ee8d2bdc\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2607\"\u003e#2607\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.1.0 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/919dd8ea7689fcc220d0d9b71307f5095e723ef9\"\u003e\u003ccode\u003e919dd8e\u003c/code\u003e\u003c/a\u003e Bumped v3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c65ba573714af6b8e19e481d9444c27bc4355d07\"\u003e\u003ccode\u003ec65ba57\u003c/code\u003e\u003c/a\u003e fixup: linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/6c86c17c3d76fb93aa3700ec6c0fa00faeb97293\"\u003e\u003ccode\u003e6c86c17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/a95158ad308df4d92bbde4eba699ce5165e9f796\"\u003e\u003ccode\u003ea95158a\u003c/code\u003e\u003c/a\u003e Handle malformed fragment decoding without throwing (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/cea547c91c6aae610041b17b75792ca4aa035a6d\"\u003e\u003ccode\u003ecea547c\u003c/code\u003e\u003c/a\u003e Bumped v3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/876ce79b662c3e5015e4e7dffe6f37752ad34f35\"\u003e\u003ccode\u003e876ce79\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/dcdf690b71a7bb3a19887ada65a9ab160d83bcc0\"\u003e\u003ccode\u003edcdf690\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c860e6589b1ac346f66e114b4eadb9613768108c\"\u003e\u003ccode\u003ec860e65\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/9b4c6dc82fde0ca44e674403ece9185d85bb6d5f\"\u003e\u003ccode\u003e9b4c6dc\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/85d09a9f7aa76b32c2bb005a90a71e144c361d24\"\u003e\u003ccode\u003e85d09a9\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 7.13.0 to 7.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7170\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7160\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7151\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.17.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eShip a subset of the official documentation inside the \u003ccode\u003ereact-router\u003c/code\u003e package (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15121\"\u003e#15121\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eMarkdown docs are now available in \u003ccode\u003enode_modules/react-router/docs\u003c/code\u003e, letting AI coding agents and the React Router agent skills read official docs locally\u003c/li\u003e\n\u003cli\u003eExcludes auto-generated API docs (\u003ccode\u003eapi/\u003c/code\u003e), \u003ccode\u003ecommunity/\u003c/code\u003e content, and tutorials (\u003ccode\u003etutorials/\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.16.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStabilize \u003ccode\u003efuture.unstable_trailingSlashAwareDataRequests\u003c/code\u003e as \u003ccode\u003efuture.v8_trailingSlashAwareDataRequests\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDisable manifest path when lazy route dicovery is disabled (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15068\"\u003e#15068\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix browser URL creation to use the configured history window instead of the global window. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15066\"\u003e#15066\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePass the history/router window through to \u003ccode\u003ecreateBrowserURLImpl\u003c/code\u003e so custom window contexts keep the correct URL origin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix \u003ccode\u003euseNavigation()\u003c/code\u003e return type to preserve discriminated union across navigation states (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15095\"\u003e#15095\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWiden \u003ccode\u003eMetaDescriptor\u003c/code\u003e \u003ccode\u003escript:ld+json\u003c/code\u003e type from \u003ccode\u003eLdJsonObject\u003c/code\u003e to \u003ccode\u003eLdJsonObject | LdJsonObject[]\u003c/code\u003e to permit multiple JSON-LD schemas in a single \u003ccode\u003e\u0026lt;script type=\u0026quot;application/ld+json\u0026quot;\u0026gt;\u003c/code\u003e tag emitted by \u003ccode\u003e\u0026lt;Meta /\u0026gt;\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15082\"\u003e#15082\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.15.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate router to operate on fetcher Maps in an immutable manner to avoid delayed React renders from potentially reading an updated but not yet committed Map. This could result in brief flickers in some fetcher-driven optimistic UI scenarios. (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eserverLoader()\u003c/code\u003e returning stale SSR data when a client navigation aborts pending hydration before the hydration \u003ccode\u003eclientLoader\u003c/code\u003e resolves (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15022\"\u003e#15022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eRouterProvider\u003c/code\u003e \u003ccode\u003eonError\u003c/code\u003e callback not being called for synchronous initial loader errors in SPA mode (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15039\"\u003e#15039\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14942\"\u003e#14942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMemoize \u003ccode\u003euseFetchers\u003c/code\u003e to return a stable identity and only change if fetchers changed (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15028\"\u003e#15028\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInternal refactor to consolidate mutation request detection through shared utility (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15033\"\u003e#15033\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnstable Changes\u003c/h3\u003e\n\u003cp\u003e⚠️ \u003cem\u003e\u003ca href=\"https://reactrouter.com/community/api-development-strategy#unstable-flags\"\u003eUnstable features\u003c/a\u003e are not recommended for production use\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a new \u003ccode\u003eunstable_useRouterState()\u003c/code\u003e hook that consolidates access to active and pending router states (RFC: \u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/12358\"\u003e#12358\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15017\"\u003e#15017\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eData/Framework/RSC only — throws when used without a data router\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThis should allow you to consolidate usages of the following hooks which will likely be deprecated and removed in a future major version\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003euseLocation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseSearchParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseParams\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseMatches\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigationType\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003euseNavigation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/195a0d03c1417127ccee73853058c8521beb4fce\"\u003e\u003ccode\u003e195a0d0\u003c/code\u003e\u003c/a\u003e Release v7.17.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15145\"\u003e#15145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/963affeb924f2256bd20c0c5c87e4c4b4fcbd188\"\u003e\u003ccode\u003e963affe\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97ef91d6f97e883d2d830fd1aef35ed3ae55e3a1\"\u003e\u003ccode\u003e97ef91d\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/c509c160d4258961ca0156ec083e35f3cf2bf97e\"\u003e\u003ccode\u003ec509c16\u003c/code\u003e\u003c/a\u003e Publish React Router docs in package (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15121\"\u003e#15121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/508d667460a3efd4b937cb67ca79494ea78960c4\"\u003e\u003ccode\u003e508d667\u003c/code\u003e\u003c/a\u003e docs: fix documentation accuracy issues (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15128\"\u003e#15128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/4099277ed68056bf480a4e0988b5a3bc685538cd\"\u003e\u003ccode\u003e4099277\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/582035467f34645521a2b272c3ec52906a495da4\"\u003e\u003ccode\u003e5820354\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8984d23f86ca7ae5655711744b77816090bda4e6\"\u003e\u003ccode\u003e8984d23\u003c/code\u003e\u003c/a\u003e Release v7.16.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15105\"\u003e#15105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d71025d9b86854180c995cb36fd3d28f58c459bf\"\u003e\u003ccode\u003ed71025d\u003c/code\u003e\u003c/a\u003e Stabilize trailing slash aware data requests (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15098\"\u003e#15098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6e21b638e1e692eaf19a8ff98ec05d28d5b23c70\"\u003e\u003ccode\u003e6e21b63\u003c/code\u003e\u003c/a\u003e fix: keep useNavigation() return type a discriminated union (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15095\"\u003e#15095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@7.17.0/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `rollup` from 4.56.0 to 4.61.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.61.1\u003c/h2\u003e\n\u003ch2\u003e4.61.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-04\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid extraneous newlines when adding headers via plugins (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6403\"\u003e#6403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a rare issue where starting Rollup would hang on Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6404\"\u003e#6404\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6402\"\u003e#6402\u003c/a\u003e: Improve documentation for manualPureFunctions (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6403\"\u003e#6403\u003c/a\u003e: Does not add an extra leading line feed for addons (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6404\"\u003e#6404\u003c/a\u003e: fix: set report.excludeNetwork=true before getReport() to avoid blocking PTR lookups (\u003ca href=\"https://github.com/jdz321\"\u003e\u003ccode\u003e@​jdz321\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.61.0\u003c/h2\u003e\n\u003ch2\u003e4.61.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-01\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSort entry modules to make chunk hashes deterministic (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6391\"\u003e#6391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6376\"\u003e#6376\u003c/a\u003e: Eliminate AWS credential exposure on fork PRs in REPL artefact workflow (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6378\"\u003e#6378\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6379\"\u003e#6379\u003c/a\u003e: chore(deps): update dependency lint-staged to v17 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6380\"\u003e#6380\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6381\"\u003e#6381\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6382\"\u003e#6382\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to ^20.19.41 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6386\"\u003e#6386\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6387\"\u003e#6387\u003c/a\u003e: chore(deps): update aws-actions/configure-aws-credentials action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6388\"\u003e#6388\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6389\"\u003e#6389\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6391\"\u003e#6391\u003c/a\u003e: Sort entry modules to make chunk hash names deterministic (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6394\"\u003e#6394\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6395\"\u003e#6395\u003c/a\u003e: chore(deps): update react monorepo to v19 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6396\"\u003e#6396\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v57 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6397\"\u003e#6397\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6400\"\u003e#6400\u003c/a\u003e: docs: fix broken links (\u003ca href=\"https://github.com/jiyujie2006\"\u003e\u003ccode\u003e@​jiyujie2006\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.60.4\u003c/h2\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.61.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-04\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid extraneous newlines when adding headers via plugins (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6403\"\u003e#6403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a rare issue where starting Rollup would hang on Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6404\"\u003e#6404\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6402\"\u003e#6402\u003c/a\u003e: Improve documentation for manualPureFunctions (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6403\"\u003e#6403\u003c/a\u003e: Does not add an extra leading line feed for addons (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6404\"\u003e#6404\u003c/a\u003e: fix: set report.excludeNetwork=true before getReport() to avoid blocking PTR lookups (\u003ca href=\"https://github.com/jdz321\"\u003e\u003ccode\u003e@​jdz321\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.61.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-06-01\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSort entry modules to make chunk hashes deterministic (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6391\"\u003e#6391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6376\"\u003e#6376\u003c/a\u003e: Eliminate AWS credential exposure on fork PRs in REPL artefact workflow (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6378\"\u003e#6378\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6379\"\u003e#6379\u003c/a\u003e: chore(deps): update dependency lint-staged to v17 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6380\"\u003e#6380\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6381\"\u003e#6381\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6382\"\u003e#6382\u003c/a\u003e: chore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to ^20.19.41 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6386\"\u003e#6386\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6387\"\u003e#6387\u003c/a\u003e: chore(deps): update aws-actions/configure-aws-credentials action to v6 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6388\"\u003e#6388\u003c/a\u003e: fix(deps): update swc monorepo (major) (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6389\"\u003e#6389\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6391\"\u003e#6391\u003c/a\u003e: Sort entry modules to make chunk hash names deterministic (\u003ca href=\"https://github.com/TrickyPi\"\u003e\u003ccode\u003e@​TrickyPi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6394\"\u003e#6394\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6395\"\u003e#6395\u003c/a\u003e: chore(deps): update react monorepo to v19 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6396\"\u003e#6396\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v57 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6397\"\u003e#6397\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6400\"\u003e#6400\u003c/a\u003e: docs: fix broken links (\u003ca href=\"https://github.com/jiyujie2006\"\u003e\u003ccode\u003e@​jiyujie2006\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-05-14\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove stability of chunk hashes (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6362\"\u003e#6362\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nBump backend and frontend dependencies to address recent security advisories and keep tooling current. Notable updates include `fastify` security fixes, safer SQL identifier escaping in `drizzle-orm`, and `uuid` v14 (Node 20+).\n\n- **Dependencies**\n  - Security: `fastify@5.8.5`, `fast-uri@3.1.2`, `picomatch@4.0.4`, `vite@7.3.2`.\n  - Backend: `drizzle-orm@0.45.2` (fixes identifier escaping), `uuid@14.0.0`, `yaml@2.9.0`, `ws@8.21.0`.\n  - Frontend: `react-router-dom@7.17.0` (and `react-router@7.17.0`).\n  - Tooling: `vitest@3.2.6`, `rollup@4.61.1`.\n\n- **Migration**\n  - Ensure Node 20+ in all environments due to `uuid@14` expecting global `crypto`.\n\n\u003csup\u003eWritten for commit fe1ed5f601f56ae36b7a11043f7af703d8e76d6c. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/Prekzursil/ralph-orchestrator/pull/7?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Prekzursil/ralph-orchestrator/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Prekzursil%2Fralph-orchestrator/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"8.17.1","new_version":"8.18.0","update_type":"minor","path":null,"pr_created_at":"2026-06-08T23:42:18.000Z","version_change":"8.17.1 → 8.18.0","issue":{"uuid":"4617440918","node_id":"PR_kwDOP1uBys7kI8Na","number":10,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-08T23:42:18.000Z","updated_at":"2026-06-08T23:43:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"@react-router/node","old_version":"7.9.1","new_version":"7.9.4","repository_url":"https://github.com/remix-run/react-router"},{"name":"ajv","old_version":"8.17.1","new_version":"8.18.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"react-router","old_version":"7.9.1","new_version":"7.15.0","repository_url":"https://github.com/remix-run/react-router"},{"name":"smol-toml","old_version":"1.4.1","new_version":"1.6.1","repository_url":"https://github.com/squirrelchat/smol-toml"},{"name":"uuid","old_version":"11.1.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"playwright","old_version":"1.53.2","new_version":"1.55.1","repository_url":"https://github.com/microsoft/playwright"},{"name":"storybook","old_version":"9.1.1","new_version":"9.1.19","repository_url":"https://github.com/storybookjs/storybook"},{"name":"vite","old_version":"6.3.6","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"vitest","old_version":"3.2.4","new_version":"3.2.6","repository_url":"https://github.com/vitest-dev/vitest"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 9 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) | `7.9.1` | `7.9.4` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.9.1` | `7.15.0` |\n| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.4.1` | `1.6.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.53.2` | `1.55.1` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `9.1.1` | `9.1.19` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.6` | `6.4.2` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.2.4` | `3.2.6` |\n\nBumps the npm_and_yarn group with 8 updates in the /ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) | `7.5.0` | `7.9.4` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `7.5.2` | `7.15.0` |\n| [smol-toml](https://github.com/squirrelchat/smol-toml) | `1.3.1` | `1.6.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `11.1.0` | `14.0.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.51.1` | `1.55.1` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `8.6.12` | `8.6.17` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.2.7` | `6.4.2` |\n\n\nUpdates `@react-router/node` from 7.9.1 to 7.9.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003e@​react-router/node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.9.4\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.3\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router-node/CHANGELOG.md\"\u003e@​react-router/node's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e7.9.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eValidate format of incoming session ids in \u003ccode\u003ecreateFileSessionStorage\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14426\"\u003e#14426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ereact-router@7.9.4\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.9.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ereact-router@7.9.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.9.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ereact-router@7.9.2\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e650acfa72280373471b329931f024d9445f2925\"\u003e\u003ccode\u003ee650acf\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14431\"\u003e#14431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/7a2271e916e50427d726ac976b188c9e1aebc48c\"\u003e\u003ccode\u003e7a2271e\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14427\"\u003e#14427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6ff0bb35db54535b3436375784fd40225a3664c2\"\u003e\u003ccode\u003e6ff0bb3\u003c/code\u003e\u003c/a\u003e Add some validation for session IDs (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14426\"\u003e#14426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/4ec4999206e18244e44d7f9fab65a0a2f56c969f\"\u003e\u003ccode\u003e4ec4999\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/12a6719354315b0e6847475bd802098ccfe7d56a\"\u003e\u003ccode\u003e12a6719\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14395\"\u003e#14395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/b6c49ecb0a6a057fbdba0ecdf7e6e6fbc56911e4\"\u003e\u003ccode\u003eb6c49ec\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14394\"\u003e#14394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/eebd2e8e133c2ff3ada78706ffd2f2a9e6bae9dc\"\u003e\u003ccode\u003eeebd2e8\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/8d7ed4dd8a06384f560bcf57a0fa0b1dc4736916\"\u003e\u003ccode\u003e8d7ed4d\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14386\"\u003e#14386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/a3696320b6e6cd82aef43665b40113b3edc9cfe7\"\u003e\u003ccode\u003ea369632\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14384\"\u003e#14384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/f2298c3b4fb22f8b22e23ec73b2285ca3a27e5dd\"\u003e\u003ccode\u003ef2298c3\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14375\"\u003e#14375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/@react-router/node@7.9.4/packages/react-router-node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.17.1 to 8.18.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ajv-validator/ajv/releases\"\u003eajv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow tree-shaking by adding \u003ccode\u003e\u0026quot;sideEffects\u0026quot;: false\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e by \u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null by \u003ca href=\"https://github.com/jasoniangreen\"\u003e\u003ccode\u003e@​jasoniangreen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2487\"\u003eajv-validator/ajv#2487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: small grammatical error in managing-schemas.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: typos in schema-language.md by \u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2507\"\u003eajv-validator/ajv#2507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(pattern): use configured RegExp engine with $data keyword to mitigate ReDoS attacks (CVE-2025-69873) by \u003ca href=\"https://github.com/epoberezkin\"\u003e\u003ccode\u003e@​epoberezkin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2586\"\u003eajv-validator/ajv#2586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josdejong\"\u003e\u003ccode\u003e@​josdejong\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2480\"\u003eajv-validator/ajv#2480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/monteiro-renato\"\u003e\u003ccode\u003e@​monteiro-renato\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/pull/2508\"\u003eajv-validator/ajv#2508\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ehttps://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa\"\u003e\u003ccode\u003e142ce84\u003c/code\u003e\u003c/a\u003e 8.18.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5\"\u003e\u003ccode\u003e720a23f\u003c/code\u003e\u003c/a\u003e fix(pattern): use configured RegExp engine with $data keyword to mitigate ReD...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98\"\u003e\u003ccode\u003e82735a1\u003c/code\u003e\u003c/a\u003e fix: typos in schema-language.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2507\"\u003e#2507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6\"\u003e\u003ccode\u003eb17ec32\u003c/code\u003e\u003c/a\u003e fix: small grammatical error in managing-schemas.md (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2508\"\u003e#2508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96\"\u003e\u003ccode\u003e69568d0\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2482\"\u003e#2482\u003c/a\u003e Infinity and NaN serialise to null (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2487\"\u003e#2487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf\"\u003e\u003ccode\u003ef06766f\u003c/code\u003e\u003c/a\u003e feat: allow tree-shaking by adding ``\u0026quot;sideEffects\u0026quot;: false\u003ccode\u003eto\u003c/code\u003epackage.json` ...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 7.9.1 to 7.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7150\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7142\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7141\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.14.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7140\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7132\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.13.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7130\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7130\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.12.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7120\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7120\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.11.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7110\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7110\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.10.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7101\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7101\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.10.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7100\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7100\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.6\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v796\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v796\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.5\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v795\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v795\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.4\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v794\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.3\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v793\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.9.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v792\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/main/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.15.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_defaultShouldRevalidate\u003c/code\u003e as \u003ccode\u003edefaultShouldRevalidate\u003c/code\u003e on \u003ccode\u003e\u0026lt;Link\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Form\u0026gt;\u003c/code\u003e, \u003ccode\u003euseLinkClickHandler\u003c/code\u003e, \u003ccode\u003euseSubmit\u003c/code\u003e, \u003ccode\u003efetcher.submit\u003c/code\u003e, and \u003ccode\u003esetSearchParams\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize the instrumentation APIs. \u003ccode\u003eunstable_instrumentations\u003c/code\u003e is now \u003ccode\u003einstrumentations\u003c/code\u003e and \u003ccode\u003eunstable_pattern\u003c/code\u003e is now \u003ccode\u003epattern\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eunstable_ServerInstrumentation\u003c/code\u003e, \u003ccode\u003eunstable_ClientInstrumentation\u003c/code\u003e, \u003ccode\u003eunstable_InstrumentRequestHandlerFunction\u003c/code\u003e, \u003ccode\u003eunstable_InstrumentRouterFunction\u003c/code\u003e, \u003ccode\u003eunstable_InstrumentRouteFunction\u003c/code\u003e, and \u003ccode\u003eunstable_InstrumentationHandlerResult\u003c/code\u003e types have had their \u003ccode\u003eunstable_\u003c/code\u003e prefixes removed\u003c/li\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_mask\u003c/code\u003e as \u003ccode\u003emask\u003c/code\u003e on \u003ccode\u003e\u0026lt;Link\u0026gt;\u003c/code\u003e, \u003ccode\u003euseLinkClickHandler\u003c/code\u003e, and \u003ccode\u003euseNavigate\u003c/code\u003e, and rename the corresponding \u003ccode\u003eLocation.unstable_mask\u003c/code\u003e field to \u003ccode\u003eLocation.mask\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize the \u003ccode\u003eunstable_normalizePath\u003c/code\u003e option on \u003ccode\u003estaticHandler.query\u003c/code\u003e and \u003ccode\u003estaticHandler.queryRoute\u003c/code\u003e as \u003ccode\u003enormalizePath\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003efuture.unstable_passThroughRequests\u003c/code\u003e as \u003ccode\u003efuture.v8_passThroughRequests\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove \u003ccode\u003eunstable_subResourceIntegrity\u003c/code\u003e from the runtime \u003ccode\u003eFutureConfig\u003c/code\u003e type; the flag is now controlled by the top-level \u003ccode\u003esubResourceIntegrity\u003c/code\u003e option in \u003ccode\u003ereact-router.config.ts\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_url\u003c/code\u003e as \u003ccode\u003eurl\u003c/code\u003e on \u003ccode\u003eloader\u003c/code\u003e, \u003ccode\u003eaction\u003c/code\u003e, and \u003ccode\u003emiddleware\u003c/code\u003e function args (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eStabilize \u003ccode\u003eunstable_useTransitions\u003c/code\u003e as \u003ccode\u003euseTransitions\u003c/code\u003e on \u003ccode\u003e\u0026lt;BrowserRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;HashRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;HistoryRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;MemoryRouter\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;Router\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;RouterProvider\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;HydratedRouter\u0026gt;\u003c/code\u003e, and \u003ccode\u003euseLinkClickHandler\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09\"\u003ea993f09\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ This is a breaking change if you have already opted into the unstable version - you will need to update your code accordingly\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003enonce\u003c/code\u003e to \u003ccode\u003e\u0026lt;Scripts\u0026gt;\u003c/code\u003e \u003ccode\u003e\u0026lt;link rel=\u0026quot;modulepreload\u0026quot;\u0026gt;\u003c/code\u003e elements (if provided) (\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b\"\u003eaf5d49b\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix a bug with \u003ccode\u003eunstable_defaultShouldRevalidate={false}\u003c/code\u003e where parent routes that did not export a \u003ccode\u003eshouldRevalidate\u003c/code\u003e function could be incorrectly included in the single fetch call for new child route data (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/15012\"\u003e#15012\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove server-side route matching performance by pre-computing flattened/cached route branches (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14967\"\u003e#14967\u003c/a\u003e) (\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b\"\u003eaf5d49b\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerformance benchmarks showed roughly a 10-15% improvement in server-side request handling performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMark \u003ccode\u003emask\u003c/code\u003e as an optional field in \u003ccode\u003eLocation\u003c/code\u003e for easier mocking in unit tests (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14999\"\u003e#14999\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCache flattened/ranked route branches to optimize server-side route matching (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14967\"\u003e#14967\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprove route matching performance in Framework/Data Mode (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/14971\"\u003e#14971\u003c/a\u003e) (\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b\"\u003eaf5d49b\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAvoiding unnecessary calls to \u003ccode\u003ematchRoutes\u003c/code\u003e in data router scenarios\n\u003cul\u003e\n\u003cli\u003eThis includes adding back the optimization that was removed in \u003ccode\u003e7.6.0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13562\"\u003e#13562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe issues that prompted the revert have been addressed by using the available router \u003ccode\u003ematches\u003c/code\u003e but always updating \u003ccode\u003ematch.route\u003c/code\u003e to the latest route in the \u003ccode\u003emanifest\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eLeverage pre-computed pre-computing flattened/cached route branches during client side route matching\u003c/li\u003e\n\u003cli\u003ePerformance benchmarks showed roughly a 15-30% improvement in server-side request handling performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.14.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/97c8de79c38f107acd15f74d8295c7bf75894a5d\"\u003e\u003ccode\u003e97c8de7\u003c/code\u003e\u003c/a\u003e Release v7.15.0 (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15018\"\u003e#15018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/af5d49b71c15fa502cb0918482597284e8cb39c4\"\u003e\u003ccode\u003eaf5d49b\u003c/code\u003e\u003c/a\u003e Update change files again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/a993f09533fa15bbf01ce734c8c7c116564cf4b7\"\u003e\u003ccode\u003ea993f09\u003c/code\u003e\u003c/a\u003e Update change files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/362635b8fdf020afdf697823ca71ba4c01b40e0d\"\u003e\u003ccode\u003e362635b\u003c/code\u003e\u003c/a\u003e Move chnageset to change file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e756132b5bcae52b65c504bdac8cec406c746e62\"\u003e\u003ccode\u003ee756132\u003c/code\u003e\u003c/a\u003e chore: format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/49295b5c220b567cff9934ddf0199877663b552c\"\u003e\u003ccode\u003e49295b5\u003c/code\u003e\u003c/a\u003e Stabilize APIs (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14999\"\u003e#14999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/5f61543c31c442271162b31ee9fe1499e170c68c\"\u003e\u003ccode\u003e5f61543\u003c/code\u003e\u003c/a\u003e Client-side route matching optimizations (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14971\"\u003e#14971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/67518cb61054f1b3eede95dde95480aca962626d\"\u003e\u003ccode\u003e67518cb\u003c/code\u003e\u003c/a\u003e Remove unnecessary hasShouldRevalidate condition for opting out (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15012\"\u003e#15012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/6f18edde6b5eac5f7028bfde885bbb8031025480\"\u003e\u003ccode\u003e6f18edd\u003c/code\u003e\u003c/a\u003e Add nonce to scripts \u003ccode\u003emodulepreload\u003c/code\u003e (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15002\"\u003e#15002\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/10a968671d94a1147d78e766cffae33c6d151162\"\u003e\u003ccode\u003e10a9686\u003c/code\u003e\u003c/a\u003e Migrate changeset to change file\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@7.15.0/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for react-router since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `smol-toml` from 1.4.1 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/squirrelchat/smol-toml/releases\"\u003esmol-toml's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cp\u003eThis release addresses a minor security vulnerability where an attacker-controlled TOML document can exploit an unrestricted recustion and cause a stack overflow error with a document that contains thousands of sucessive commented lines. Security advisory: \u003ca href=\"https://github.com/advisories/GHSA-v3rj-xjv7-4jmq\"\u003eGHSA-v3rj-xjv7-4jmq\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cp\u003eAs of this version, smol-toml now supports the newly released TOML 1.1.0 specification!\u003c/p\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003ch3\u003eMultiline inline tables\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 now allows inline tables to have newlines, as well as trailing commas.\u003c/p\u003e\n\u003cpre lang=\"toml\"\u003e\u003ccode\u003edatabase = {\r\n  driver = \u0026quot;postgresql\u0026quot;,\r\n  server = {\r\n    host = \u0026quot;127.0.0.1\u0026quot;,\r\n    port = 3307,\r\n  },\r\n}\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eOmitting seconds in datetime and time\u003c/h3\u003e\n\u003cp\u003eTOML 1.1.0 renders the seconds component of time elements optional.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003edatetime-tz = 1979-05-27 07:32Z\r\ndatetime = 2001-09-21 10:17\r\ntime = 13:37\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eNew string escapes\u003c/h3\u003e\n\u003cp\u003eStrings now support 2 additional escape sequences:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\\xHH\u003c/code\u003e for code points between 0 and 255\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e\\e\u003c/code\u003e for the escape character (\u003ccode\u003eU+001B\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: toml 1.1 support by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/pull/49\"\u003esquirrelchat/smol-toml#49\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.2...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cp\u003eHot fix for v1.5.1... 🙃\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: properly stringify arrays of tables by \u003ca href=\"https://github.com/cyyynthia\"\u003e\u003ccode\u003e@​cyyynthia\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/squirrelchat/smol-toml/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cp\u003eSmol fix that makes newlines actually consistent when stringifying objects to TOML.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/072b64fd0094b1d7d3bb1a124d282828069a7aa0\"\u003e\u003ccode\u003e072b64f\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/19a5dc74cb49f9fe809dd73c2b8934b4192b8393\"\u003e\u003ccode\u003e19a5dc7\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f286f87778200504061a428b24d5e27ef5e1f360\"\u003e\u003ccode\u003ef286f87\u003c/code\u003e\u003c/a\u003e fix: don't use recursion in skipVoid\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/399c54527643c97bbd58931f452325ab32456180\"\u003e\u003ccode\u003e399c545\u003c/code\u003e\u003c/a\u003e chore: version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/06521caba8be8a7d67a7a9ed7f105134c2dce8b1\"\u003e\u003ccode\u003e06521ca\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/squirrelchat/smol-toml/issues/49\"\u003e#49\u003c/a\u003e from squirrelchat/toml-110\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/f3a68a76a4be2e4a0e9ed9add167b15591262ade\"\u003e\u003ccode\u003ef3a68a7\u003c/code\u003e\u003c/a\u003e fix: properly test \\e escape\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/9743a8645acef45711f87c0996a20051f262dbbd\"\u003e\u003ccode\u003e9743a86\u003c/code\u003e\u003c/a\u003e fix: properly run toml-test v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/1ec5303d56b8735a2ddf15a07f2cba1c1b4aa2e2\"\u003e\u003ccode\u003e1ec5303\u003c/code\u003e\u003c/a\u003e docs: toml 1.1.0 in the readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/8bc0e2bc709e4c54b87db2ce534b4411e2217b63\"\u003e\u003ccode\u003e8bc0e2b\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies, actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/squirrelchat/smol-toml/commit/24618dbac52bd2ff7145b2206f24a1ef14791885\"\u003e\u003ccode\u003e24618db\u003c/code\u003e\u003c/a\u003e feat: allow omitting seconds in datetime and time values\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/squirrelchat/smol-toml/compare/v1.4.1...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for smol-toml since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 11.1.0 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.53.2 to 1.55.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.55.1\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37479\"\u003emicrosoft/playwright#37479\u003c/a\u003e - [Bug]: Upgrade Chromium to 140.0.7339.186.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37147\"\u003emicrosoft/playwright#37147\u003c/a\u003e - [Regression]: Internal error: step id not found.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37146\"\u003emicrosoft/playwright#37146\u003c/a\u003e - [Regression]: HTML reporter displays a broken chip link when there are no projects.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37137\"\u003emicrosoft/playwright#37137\u003c/a\u003e - Revert \u0026quot;fix(a11y): track inert elements as hidden\u0026quot;.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37532\"\u003emicrosoft/playwright#37532\u003c/a\u003e - chore: do not use -k option\u003c/p\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChromium 140.0.7339.186\u003c/li\u003e\n\u003cli\u003eMozilla Firefox 141.0\u003c/li\u003e\n\u003cli\u003eWebKit 26.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis version was also tested against the following stable channels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle Chrome 139\u003c/li\u003e\n\u003cli\u003eMicrosoft Edge 139\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.55.0\u003c/h2\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew Property \u003ca href=\"https://playwright.dev/docs/api/class-teststepinfo#test-step-info-title-path\"\u003etestStepInfo.titlePath\u003c/a\u003e Returns the full title path starting from the test file, including test and step titles.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCodegen\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomatic \u003ccode\u003etoBeVisible()\u003c/code\u003e assertions: Codegen can now generate automatic \u003ccode\u003etoBeVisible()\u003c/code\u003e assertions for common UI interactions. This feature can be enabled in the Codegen settings UI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e⚠️ Dropped support for Chromium extension manifest v2.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMiscellaneous\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Debian 13 \u0026quot;Trixie\u0026quot;.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChromium 140.0.7339.16\u003c/li\u003e\n\u003cli\u003eMozilla Firefox 141.0\u003c/li\u003e\n\u003cli\u003eWebKit 26.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis version was also tested against the following stable channels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle Chrome 139\u003c/li\u003e\n\u003cli\u003eMicrosoft Edge 139\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.54.2\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36714\"\u003emicrosoft/playwright#36714\u003c/a\u003e - [Regression]: Codegen is not able to launch in Administrator Terminal on Windows (ProtocolError: Protocol error)\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36828\"\u003emicrosoft/playwright#36828\u003c/a\u003e - [Regression]: Playwright Codegen keeps spamming with selected option\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36810\"\u003emicrosoft/playwright#36810\u003c/a\u003e - [Regression]: Starting Codegen with target language doesn't work anymore\u003c/p\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ae51df7a35888f663553ab4e9c45d6cb6335397f\"\u003e\u003ccode\u003eae51df7\u003c/code\u003e\u003c/a\u003e chore: mark v1.55.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37530\"\u003e#37530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86dde294ce7fc9dd62d2f7ce5afd0c79cff50140\"\u003e\u003ccode\u003e86dde29\u003c/code\u003e\u003c/a\u003e feat(chromium): roll to r1193 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37529\"\u003e#37529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86328bc9f43da2fe2b9aba2822c79f8b4c0c7f72\"\u003e\u003ccode\u003e86328bc\u003c/code\u003e\u003c/a\u003e chore: do not use -k option (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37532\"\u003e#37532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/63799ba68340fde11445d4f48c12515c28dcc92a\"\u003e\u003ccode\u003e63799ba\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37214\"\u003e#37214\u003c/a\u003e): docs: fix method names in release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/21e29a42ab090d7848a3c3255f05335ba0db424d\"\u003e\u003ccode\u003e21e29a4\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37153\"\u003e#37153\u003c/a\u003e): fix(html): don't display a chip with empty content with ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ba62e6ab0d25f7415ffdf121e4e186aadb213be5\"\u003e\u003ccode\u003eba62e6a\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37149\"\u003e#37149\u003c/a\u003e): fix(test): attaching in boxed fixture\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/25bb073f2697c98995871d40828604b0836c29b7\"\u003e\u003ccode\u003e25bb073\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37137\"\u003e#37137\u003c/a\u003e): Revert \u0026quot;fix(a11y): track inert elements as hidden (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36947\"\u003e#36947\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f992162f04ae0b0b5a0f4b6114b894215be98995\"\u003e\u003ccode\u003ef992162\u003c/code\u003e\u003c/a\u003e chore: mark v1.55.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37121\"\u003e#37121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4a92ea00253106c8bd4234b8d5be2e205d049012\"\u003e\u003ccode\u003e4a92ea0\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37113\"\u003e#37113\u003c/a\u003e): docs: add release-notes for v1.55\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/aa05507bbabc170abf7775bf0d3ddd2438dc384a\"\u003e\u003ccode\u003eaa05507\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37114\"\u003e#37114\u003c/a\u003e): test: move browser._launchServer in child process\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.53.2...v1.55.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 9.1.1 to 9.1.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.1.19\u003c/h2\u003e\n\u003ch2\u003e9.1.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHarden websocket connection\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.1.18\u003c/h2\u003e\n\u003ch2\u003e9.1.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo-op release. No changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/v9.1.19/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.1.19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHarden websocket connection\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo-op release. No changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Fix Nextjs project creation in empty directories - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32828\"\u003e#32828\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add \u003ccode\u003eexperimental_devServer\u003c/code\u003e preset - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32862\"\u003e#32862\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Fix preview-first-load event - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32859\"\u003e#32859\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Add \u003ccode\u003epreview-first-load\u003c/code\u003e telemetry - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32770\"\u003e#32770\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eDependencies: Update \u003ccode\u003evite-plugin-storybook-nextjs\u003c/code\u003e - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32821\"\u003e#32821\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNextJS: Add NextJS 16 support - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32791\"\u003e#32791\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eAddon-Vitest: Support Vitest 4 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32819\"\u003e#32819\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCSF: Fix \u003ccode\u003eplay-fn\u003c/code\u003e tag for methods - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32695\"\u003e#32695\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNextjs: Fix config access for Vite - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32759\"\u003e#32759\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMaintenance: Hotfix for missing nextjs dts files, thanks \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomigration: Improve the viewport/backgrounds automigration - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32619\"\u003e#32619\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eMocking: Fix \u003ccode\u003esb.mock\u003c/code\u003e usage in Storybook's deployed in subpaths - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32678\"\u003e#32678\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eNextJS-Vite: Automatically fix bad PostCSS configuration - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32691\"\u003e#32691\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ndelangen\"\u003e\u003ccode\u003e@​ndelangen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact Native Web: Fix REACT_NATIVE_AND_RNW should detect vite builder - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32718\"\u003e#32718\u003c/a\u003e, thanks \u003ca href=\"https://github.com/dannyhw\"\u003e\u003ccode\u003e@​dannyhw\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add metadata for react routers - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32615\"\u003e#32615\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAutomigrations: Add automigration for viewport and backgrounds - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/31614\"\u003e#31614\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Log userAgent in onboarding - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32566\"\u003e#32566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAngular: Enable experimental zoneless detection on Angular v21 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32580\"\u003e#32580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eSvelte: Ignore inherited \u003ccode\u003eHTMLAttributes\u003c/code\u003e docgen when using utility types - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/32173\"\u003e#32173\u003c/a\u003e, thanks \u003ca href=\"https://github.com/steciuk\"\u003e\u003ccode\u003e@​steciuk\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/20887f19d26d1f6e74712eeec4812f325031420b\"\u003e\u003ccode\u003e20887f1\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;9.1.18\u0026quot; to \u0026quot;9.1.19\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/66b2d8e30b1c235c198b8de0696755a13a72ceae\"\u003e\u003ccode\u003e66b2d8e\u003c/code\u003e\u003c/a\u003e Fix test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/31f16c4cd46f9435e1558204cdccb6bf6b880c7f\"\u003e\u003ccode\u003e31f16c4\u003c/code\u003e\u003c/a\u003e fix linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/62dd25b508d3b8cd771cfadcac9a9f41881c0e11\"\u003e\u003ccode\u003e62dd25b\u003c/code\u003e\u003c/a\u003e Core: Require token for websocket connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/bbe61e351b4b45cd17c7d8005e48e4cab60a0315\"\u003e\u003ccode\u003ebbe61e3\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;9.1.17\u0026quot; to \u0026quot;9.1.18\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/d0d5a3d645df3493ad935e321d1ef101679cfc2e\"\u003e\u003ccode\u003ed0d5a3d\u003c/code\u003e\u003c/a\u003e Bump version from 9.1.16 to 9.1.17 MANUALLY\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/a06c25727a7f7433a8c4bc05a422d47703bf6d6b\"\u003e\u003ccode\u003ea06c257\u003c/code\u003e\u003c/a\u003e filter env vars from .env files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/a54a04cef3ea631f2dacf3631f7f78e4453cd096\"\u003e\u003ccode\u003ea54a04c\u003c/code\u003e\u003c/a\u003e Bump version from \u0026quot;9.1.15\u0026quot; to \u0026quot;9.1.16\u0026quot; [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/ebd7ff59675c519bd50d81d005a69c921d943dbe\"\u003e\u003ccode\u003eebd7ff5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/32859\"\u003e#32859\u003c/a\u003e from storybookjs/shilman/first-load-new-user\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/storybookjs/storybook/commit/da2da6e60cc28e89189268be88d3d39bc763050b\"\u003e\u003ccode\u003eda2da6e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://github.com/storybookjs/storybook/tree/HEAD/code/core/issues/32862\"\u003e#32862\u003c/a\u003e from storybookjs/yann/patch-dev-server-preset\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v9.1.19/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for storybook since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 6.3.6 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vitest` from 3.2.4 to 3.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitest-dev/vitest/releases\"\u003evitest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.6\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePin last supported vite-node version  -  by \u003ca href=\"https://github.com/sheremet-va\"\u003e\u003ccode\u003e@​sheremet-va\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d05\"\u003e\u003c!-- raw HTML omitted --\u003e(16f12)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.5...v3.2.6\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev3.2.5\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi\u003c/strong\u003e: Add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10445\"\u003evitest-dev/vitest#10445\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d\"\u003e\u003c!-- raw HTML omitted --\u003e(af88b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebrowser\u003c/strong\u003e: Disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [backport to v3]  -  by \u003ca href=\"https://github.com/hi-ogawa\"\u003e\u003ccode\u003e@​hi-ogawa\u003c/code\u003e\u003c/a\u003e and \u003cstrong\u003eCodex\u003c/strong\u003e in \u003ca href=\"https://redirect.github.com/vitest-dev/vitest/issues/10456\"\u003evitest-dev/vitest#10456\u003c/a\u003e \u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd\"\u003e\u003c!-- raw HTML omitted --\u003e(385a1)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/vitest-dev/vitest/compare/v3.2.4...v3.2.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/b6d56f8171ae814ee7571df63a35a0da5203dbaa\"\u003e\u003ccode\u003eb6d56f8\u003c/code\u003e\u003c/a\u003e chore: release v3.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/16f120d0585677f6a32bcb3dd01fa61c140e2588\"\u003e\u003ccode\u003e16f120d\u003c/code\u003e\u003c/a\u003e fix: pin last supported vite-node version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/2cbad0a923c48c6144266df3cd25f93547cb5221\"\u003e\u003ccode\u003e2cbad0a\u003c/code\u003e\u003c/a\u003e chore: release v3.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/385a1aefd4c2bfa5e7d58bf7c6834c929969f2c7\"\u003e\u003ccode\u003e385a1ae\u003c/code\u003e\u003c/a\u003e fix(browser): disable client \u003ccode\u003ecdp\u003c/code\u003e API when \u003ccode\u003eallowWrite/allowExec: false\u003c/code\u003e [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitest-dev/vitest/commit/af88b1f5d82844a4761ea9a977156c98e2b14ca8\"\u003e\u003ccode\u003eaf88b1f\u003c/code\u003e\u003c/a\u003e feat(api): add \u003ccode\u003eallowWrite\u003c/code\u003e and \u003ccode\u003eallowExec\u003c/code\u003e options to \u003ccode\u003eapi\u003c/code\u003e [backport to v3]...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/vitest\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for vitest since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.0.6 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: remove master branch support by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/126\"\u003efastify/fast-uri#126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(test) remove .gitkeep by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/128\"\u003efastify/fast-uri#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): set job permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/129\"\u003efastify/fast-uri#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set permissions at workflow level by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/131\"\u003efastify/fast-uri#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set workflow permissions to read-only by default by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/132\"\u003efastify/fast-uri#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): restore job level permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/133...\n\n_Description has been truncated_\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies across UI and client packages\n\u003e - Updates `uuid` from v11 to v14, `react-router` from 7.9.1 to 7.15.0, `vite` from 6.3.6 to 6.4.2, and `storybook` from 9.1.1 to 8.6.17 in [ui/package.json](https://github.com/EmilynnJ/tensorzero/pull/10/files#diff-193b27d62e4fbda3d563009fed5ec6761a05f73558d94b39fab63ae948c679ea)\n\u003e - Updates `uuid` from v11 to v14 and `vitest` from 3.2.4 to 3.2.6 in [clients/openai-node/package.json](https://github.com/EmilynnJ/tensorzero/pull/10/files#diff-e7668efae45019cc9e9fc89c0126620404a287cd258a83b16b7c69262aa432f8)\n\u003e - Updates `vitest` to 3.2.6 in [internal/tensorzero-node/package.json](https://github.com/EmilynnJ/tensorzero/pull/10/files#diff-cea63d658e41abc37377244b4916418378269f3e1dd4e9117e5e77f4e01de914)\n\u003e - Risk: `uuid` v14 and `storybook` v8 are major version bumps that may include breaking API changes\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized f2f0fd0.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade dependencies across the repo (root, `ui`, and node clients) to pull in security fixes and performance improvements, notably `react-router@7.15.0`, `vite@6.4.2`, `playwright@1.55.1`, and `uuid@14.0.0`.\n\n- **Dependencies**\n  - `react-router` → `7.15.0` and `@react-router/node` → `7.9.4` (route matching perf improvements; stabilizes previously `unstable_*` APIs)\n  - `vite` → `6.4.2` (security fixes in dev server and sourcemap handler)\n  - `playwright` → `1.55.1` (browser updates and bug fixes)\n  - `vitest` → `3.2.6` (pins supported `vite-node`)\n  - `ajv` → `8.18.0` (ReDoS mitigation)\n  - `smol-toml` → `1.6.1` (security fix; TOML 1.1 support)\n  - `uuid` → `14.0.0` (Node 20+ required; `crypto` expected to be global)\n  - Storybook bumped to latest patches (root: `9.1.19`; `ui`: `8.6.17`)\n  - Updated `clients/openai-node` and `internal/tensorzero-node` to `vitest@3.2.6` and `uuid@14.0.0`\n\n- **Migration**\n  - Ensure Node 20+ in local and CI due to `uuid@14`.\n  - If you’ve used React Router `unstable_*` APIs, rename to their stable equivalents (e.g., `unstable_mask` → `mask`, `unstable_defaultShouldRevalidate` → `defaultShouldRevalidate`).\n  - Reinstall and verify: `pnpm i` then run builds/tests; for UI E2E, run `pnpm playwright install`.\n\n\u003csup\u003eWritten for commit f2f0fd0bbe17096f4f5fed95f78c13fd873b25a2. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/tensorzero/pull/10?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/EmilynnJ/tensorzero/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Ftensorzero/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"6.12.6","new_version":"6.15.0","update_type":"minor","path":"/examples/mcp/mcp-servers/web-search","pr_created_at":"2026-06-08T18:34:58.000Z","version_change":"6.12.6 → 6.15.0","issue":{"uuid":"4615597992","node_id":"PR_kwDONtRNPM7kCwMY","number":59,"state":"closed","title":"ci(deps): bump ajv from 6.12.6 to 6.15.0 in /examples/mcp/mcp-servers/web-search","user":"dependabot[bot]","labels":["released","dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-08T18:40:16.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-08T18:34:58.000Z","updated_at":"2026-06-11T14:20:07.000Z","time_to_close":318,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"}],"path":"/examples/mcp/mcp-servers/web-search","ecosystem":"npm"},"body":"Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.6 to 6.15.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ajv\u0026package-manager=npm_and_yarn\u0026previous-version=6.12.6\u0026new-version=6.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inference-gateway/typescript-sdk/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/inference-gateway/typescript-sdk/pull/59","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/inference-gateway%2Ftypescript-sdk/issues/59","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/59/packages"}}]}